Secure Self Re-Organizing of Nodes Using Closeness Technique in Cluster MANET

Sathiya Kumar, C.; Duraiswamy, K.

Secure Self Re-Organizing of Nodes Using Closeness Technique in Cluster MANET

by C. Sathiya Kumar (Author) Dr. K. Duraiswamy (Author)

Summary

Mobile ad hoc network (MANET) is defined as a self-configuring infrastructureless network used for communication by wireless links with the support of mobile devices. A MANET is referred to as a wireless network with independent nodes moving freely with respect to each other. Due to the independent free moves of nodes, a huge amount of packet data loss occurs in transmitting the packet from source to destination. The risk of node misbehaviour is extremely high. The unsecured ad hoc network environment is initiated due to the active nature of networks and node mobility. In addition, the task of key management is more complex in ad hoc network. Due to the nature of free moving characteristics, MANET faces improper node cooperation. The main reason behind ineffective node cooperation is presence of malicious or selfish nodes. Moreover, the existence of malicious unauthenticated nodes causes insecure communication. Hence, the proposed system aims in the development of proper node cooperation, malicious node detection and secure communication in MANET.

Excerpt

Sathiya Kumar, C., Duraiswamy, K.: Secure Self Re-Organizing of Nodes Using

Closeness Technique in Cluster MANET, Hamburg, Anchor Academic Publishing 2017

Buch-ISBN: 978-3-96067-185-5

PDF-eBook-ISBN: 978-3-96067-685-0

Druck/Herstellung: Anchor Academic Publishing, Hamburg, 2017

Bibliografische Information der Deutschen Nationalbibliothek:

Die Deutsche Nationalbibliothek verzeichnet diese Publikation in der Deutschen

Nationalbibliografie; detaillierte bibliografische Daten sind im Internet über

http://dnb.d-nb.de abrufbar.

Bibliographical Information of the German National Library:

The German National Library lists this publication in the German National Bibliography.

Detailed bibliographic data can be found at: http://dnb.d-nb.de

or transmitted, in any form or by any means, electronic, mechanical, photocopying,

recording or otherwise, without the prior permission of the publishers.

Das Werk einschließlich aller seiner Teile ist urheberrechtlich geschützt. Jede Verwertung

außerhalb der Grenzen des Urheberrechtsgesetzes ist ohne Zustimmung des Verlages

unzulässig und strafbar. Dies gilt insbesondere für Vervielfältigungen, Übersetzungen,

Mikroverfilmungen und die Einspeicherung und Bearbeitung in elektronischen Systemen.

Die Wiedergabe von Gebrauchsnamen, Handelsnamen, Warenbezeichnungen usw. in

diesem Werk berechtigt auch ohne besondere Kennzeichnung nicht zu der Annahme,

dass solche Namen im Sinne der Warenzeichen- und Markenschutz-Gesetzgebung als frei

zu betrachten wären und daher von jedermann benutzt werden dürften.

Die Informationen in diesem Werk wurden mit Sorgfalt erarbeitet. Dennoch können

Fehler nicht vollständig ausgeschlossen werden und die Diplomica Verlag GmbH, die

Autoren oder Übersetzer übernehmen keine juristische Verantwortung oder irgendeine

Haftung für evtl. verbliebene fehlerhafte Angaben und deren Folgen.

Hermannstal 119k, 22119 Hamburg

http://www.diplomica-verlag.de, Hamburg 2017

Printed in Germany

ABSTRACT

Mobile ad hoc network (MANET) is defined as a self-configuring

infrastructureless network used for communication by wireless links with the

support of mobile devices. A MANET is referred as wireless network with

independent nodes moving freely with respect to each other. Due to the

independent free moves of nodes, a huge amount of packet data loss occurs in

transmitting the packet from source to destination. The risk of node

misbehavior is extremely high. The unsecured ad hoc network environment is

initiated due to the active nature of networks and node mobility. In addition,

the task of key management is more complex in ad hoc network. Due to the

nature of free moving characteristics, MANET faces improper node

cooperation. The main reason behind ineffective node cooperation is presence

of malicious or selfish nodes. Moreover, the existence of malicious

unauthenticated nodes causes insecure communication. Hence, the proposed

system aims in the development of proper node cooperation, malicious node

detection and secure communication in MANET.

In order to enhance the node cooperation, and malicious node

detection, first research work develops a Secure Key Model (SKM). The main

idea behind SKM is to cluster the nodes based on reputation and ranking.

Clustering of node is reorganized on its own self with the evaluation co-

operative nodes. The negative reputation value in reputation table detects

malicious node. Performance evaluations are carried out. SKM achieves the

high performance rate of 5-9% with 7-17% of minimum computational cost

compared with the ID-based Multiple secret Key Management (IMKM).

The second research work deals with node cooperation to avoid

security issues like illogical node participation, with Hybrid Approach for

Node Cooperation based Clustering (HANCC) in MANET. The node

cooperation among the nodes in MANET is improved by forecasting the

weightage of cooperativeness of each node in the network. The evaluation of

node cooperation weightage detects the illogical nodes participating in the

network. Performance evaluations are carried out. HANCC achieves the node

cooperativeness of 20-25% compared with the Fair, efficient and secure

cooperation incentive mechanism (FESCIM) and efficient clustering and

cluster head rotation scheme for wireless sensor networks (ERP-SCDS).

The third research work, secures communication by the

establishment of Efficient Node Cooperation and Security (ECNS)

mechanism overcomes the bottleneck of selfish nodes in MANET by creating

initial authentication among nodes through node cooperation. The ENCS

mechanism is capable of providing high security by avoiding the misbehavior

nodes. Performance evaluations are carried out and it achieves the security

level of 15-25% compared with the Value iteration algorithm (VIA) and

ODMR protocol using a high-throughput (ODMRP-HT).

The final research work deals with Routing Aware Packet

Reserving (RAPR) framework for end-to-end throughput maintenance. This

resolves the effective resource allocation. The mobile node selects the packet

which travels in shortest distance. RAPR estimates the security level of the

system by end-to-end routing by controlling and clogging. The performance

evaluations are carried out and system uses the resources effectively and

improves the end-to-end throughput by 15%.

iii

TABLE OF CONTENTS

ABSTRACT

INTRODUCTION

1.1

BACKGROUND

1.2

STATEMENT OF THE PROBLEM

1.3

SECURITY IN MANET

1.3.1 Attacks in MANET

1.3.1.1 Vulnerabilities of MANETs

1.3.1.2 Attackers

1.3.1.3 Active and passive attacks

1.3.1.4 Attacks at physical layer

1.3.1.5 Attacks at network layer

1.3.1.6 Attacks at transport layer

1.3.1.7 Attacks at data link layer

1.3.2 Denial of Service Attack

1.3.2.1 DoS attacks on the link layer

1.3.2.2 DoS attacks on the network layer

1.3.3 Channel Aware Detection

1.4

NODE CLUSTERING IN MANET

1.5

PURPOSE OF THE STUDY

1.6

ORGANIZATION OF CHAPTERS

LITERATURE REVIEW

2.1

INTRODUCTION

2.2

A SECURE KEY MODEL FOR

EFFICIENT NODE CLUSTERING

BASED ON REPUTATION AND RANKING

2.3

A HYBRID APPROACH FOR NODE

CO-OPERATION BASED CLUSTERING

IN MANET

2.4

EFFICIENT NODE COOPERATION

AND SECURITY IN MANET USING

CLOSENESS A DEGREE OF SEPARATION

2.5

RESEARCH GAP

2.6

OBJECTIVES OF THE RESEARCH

2.7

CONTRIBUTIONS OF RESEARCH

SECURE KEY MODEL WITH REPUTATION

AND RANKING SYSTEM IN MANET

3.1

INTRODUCTION

3.2

SECURITY ISSUES IN MANET

3.2.1 Reputation Based Self

Re-Organized Node Clustering

3.2.1.1 Reputation management

3.2.1.2 Reputation broadcast

3.2.1.3 Reputation detects, filter,

transform and localize

3.2.1.4 Resolver

3.2.1.5 Route maintenance

3.3

SECURE KEY MODEL ON NODE

CLUSTERING USING REPUTATION

AND RANKING

3.4

NODE CLUSTERING BASED ON

REPUTATION AND RANKING

3.5

GROUP KE MANAGEMENT

3.5.1 Need for Group Key Management

3.6

PSEUDO CODE FOR SECURE KEY MODEL

3.7

EXPERIMENTAL EVALUATION

3.8

RESULTS AND DISCUSSION

3.8.1 Malicious Node Detection Efficiency

3.8.2 Node Reputation

3.8.3 Performance Rate

3.8.4 Computational Cost

3.9

SUMMARY

A HYBRID APPROACH FOR NODE

CO-OPERATION BASED CLUSTERING

IN MANET

4.1

INTRODUCTION

4.2

NEED FOR NODE CO-OPERATION

BASED CLUSTERING IN MANET

4.2.1 Challenges of Node

Cooperation in MANET

4.2.1.1 Mobility management

4.2.1.2 Power control and bandwidth

allocation

4.2.1.3 Privacy and security

4.3

HYBRIDIZATION OF NODE

CO-OPERATION BASED CLUSTERING

4.3.1 Evaluation of Weightage of

Node Cooperativeness

4.3.2 Process of Self-Organization and Node

Clustering Based on Cooperativeness

100

4.3.2.1 Local activity rules to attain

universal characteristics

100

4.3.2.2 Development of understandable

coordination

101

4.3.2.3 Reduction of long-lived

circumstances information

101

4.3.2.4 Protocols capable of any

topology change

101

4.3.3 Clustering Based on Weightage and

Self Organization of Nodes

102

4.3.4 Node Clustering Using HANCC

103

4.3.5 Algorithm for HANCC

107

4.4

EXPERIMENTAL EVALUATION

109

4.5

RESULTS AND DISCUSSIONS

109

4.5.1 Node Cooperativeness

110

4.5.2 Clustering Energy Dissipation

112

4.5.3 Network Lifetime

113

4.6

SUMMARY

115

EFFICIENT NODE COOPERATION

AND SECURITY IN MANET USING

CLOSENESS TECHNIQUE

116

5.1

INTRODUCTION

116

5.2

VULNERABILITIES OF THE

MOBILE AD HOC NETWORKS

117

5.2.1 Lack of Secure Boundaries

118

5.2.2 Threats from Jeopardize

Nodes Inside the Network

119

5.2.3 Lack of Centralized Management Facility 120

5.2.4 Restricted Power Supply

122

5.2.5 Scalability

123

5.3

ACHIEVING COOPERATION AMONG

NODES

126

vii

5.4

ENHANCING SECURITY OVER MANET

128

5.5

EFFICIENT NODE COOPERATION

AND SECURITY IN MANET USING

CLOSENESS TECHNIQUE

129

5.5.1 Algorithmic Flow of ENCS Mechanism

132

5.6

PERFORMANCE EVALUATION

134

5.7

RESULTS AND DISCUSSION

135

5.7.1 Average Information Leakage

136

5.7.2 Packet Transmission Efficiency

137

5.7.3 Security Level

140

5.7.4 Average Cost

141

5.8

SUMMARY

143

PACKET RESERVING AND CLOGGING

CONTROL VIA ROUTING AWARE PACKET

RESERVING FRAMEWORK IN MANET

144

6.1

INTRODUCTION

144

6.2

KEY IDEA BEHIND ROUTING AWARE

PACKET RESERVING FRAMEWORK IN

MANET

148

6.2.1 Packet Reserving on Mobile Nodes

149

6.2.2 Single RAPR Model with Multiple

Packet Flows

151

6.3

OVERVIEW OF ROUTING AWARE PACKET

RESERVING FRAMEWORK IN MANET

152

6.3.1 Algorithmic Description

of RAPR Framework

153

6.4

EXPERIMENTAL SETUP OF

RAPR FRAMEWORK

155

6.5

PERFORMANCE OF RAPR FRAMEWORK

156

viii

6.6

SUMMARY

165

CONCLUSION AND FUTURE WORK

166

7.1

CONCLUSIONS

166

7.2

FUTURE WORK

168

REFERENCES

170

CHAPTER 1

INTRODUCTION

1.1

BACKGROUND

A Mobile ad hoc network (MANET) is a system of wireless mobile nodes that

dynamically self-organize in random and momentary network topologies. A

MANET is group of wireless networks consisting of a number of mobile

nodes. Nodes in MANET connect and disconnect from the network

dynamically. There is no permanent set of infrastructure and centralized

administration in MANET. Nodes are organized and interconnected through

wireless interface. The self-motivated nature of such type networks makes it

extremely vulnerable to different link attacks. The essential needs for a

protected networking are secure protocols, ensuring that the privacy,

accessibility, authenticity and honesty of network. Many offered security

solutions for wired networks are unproductive and useless for MANET

environment. As the communication takes place in an open medium, the

MANET communication is more susceptible to security attacks. In the

occurrence of security protocol, the effects against different attacks are

reduced. Therefore, the success of MANET communication greatly depends

on the relationship of the participating mobile nodes.

A MANET is described by deficient in infrastructure, lack of

centralized administration, recurrent mobility of nodes, network separation

and wireless links. These characters indictate that the usual wire line security

solutions are not directly applicable in MANET. Certainly, the properties

represent that the establishment of a public key infrastructure, is an unwieldy

task in such networks.

Propagation of packet to the entire network is an essential process

and includes broad applications in the MANET. The basic approach for

transition is blind flooding, in which each node is compelled to retransmit the

data whenever it obtains a packet for the first time. Blind flooding creates

many repeated broadcasting. These repeated transmissions cause a serious

trouble, referred as the transmission storm difficulty in which repeated

packets leads to communication congestion and contention.

A MANET is a completely on-the-fly network utilized to maintain

the idea of any time and any place transmission. MANET is an infrastructure-

less network with a set of wireless mobile hosts to structure a temporary

network without the support of any wired base stations. Each mobile node in

such a network functions not only as a node but also as a router. The intrinsic

restrictions of the MANET, such as insufficient resources and dynamic

topologies, need a suitable routing protocol. The protocol design for such an

environment requires straightforward, well-organized and robust structure.

The methods that broadcast packets in the MANET are relatively unusual

from that in the wired network, since a node transmits a packet, then all its

neighbors receive that packet under the promiscuous receive mode.

Recent work on providing security comprises a fully-distributed

Identification based Multiple secret Keys Management scheme (IMKM)

facilitating an efficient key method. It involves an interaction of ID-based

multiple secret and threshold cryptography. IMKM eliminates public key

distribution using certificate authentication. In addition IMKM provides

efficient key update and key revocation schemes. The nodes are clustered and

needs a Cluster Heads (CHs) to participate in key construction. The updated

cluster head shares the keys on establishing a threshold sharing of the master

secret key. Multiple secret keys scheme is able to withstand cryptanalysis and

periodically updates share keys of CHs with a predefined time interval. The

scheme does not require the exchange or signing of any additional messages.

At last, the method supports improved performance by reducing computation

and communication overheads. Efficient group key agreement provides

authentication without authenticating signatures and needs only one round.

1.2

STATEMENT OF THE PROBLEM

Ensuring secure communication in ad hoc network is extremely challenging

due to dynamic nature of the ad hoc network. The difficulty in MANET

communication is that the data broadcast is insecure due to lack of centralized

management. MANET is a division of ad hoc network working in wireless

infrastructure-less environment in the way of self-configuring communication

with the mobile devices. Each node or mobile device in a MANET is

independent to each other moving without self-control in any route resulting

in insecure communication. The independent behavior of node flow changed

the interaction link to other devices or nodes frequently. The absence of fixed

infrastructure in shared wireless medium results in node mobility and limited

resources of mobile devices. Due to the limited resource in communication,

the bandwidth is restricted. Additionally, error-prone communication links by

key management is difficult to implement in ad hoc networks.

The information is broadcast with a secure private key. Group Key

Agreement (GKA) protocol is the common protocol generally used in secure

transmission. GKA protocol permits two or more parties to agree on common

group key and exchange information over insecure channel. GKA provides

mutual key authentication among parties involved in the communication.

The limitation of GKA protocol for transmission is its overcoming

nature with the establishment of Authenticated Group Key Agreement

(AGKAP) protocol applications in cooperative, distributed and self organized

ad hoc networks. Design of secure and well-organized protocol for group key

agreement gains much concentration as an important research area. The group

key management protocol is also less efficient in the transmission of packets.

Major researches are needed to be handled in the key management issues

for securing MANET using clusters.

1.3

SECURITY IN MANET

Wireless Mesh Networks (WMNs) are noted as a standard choice for Internet

Service Providers (ISPs) in broadcasting the information over wireless access.

The WMNs are estimated to integrate the characteristics of self-organization,

self-healing, and self-configuration for high consistency and scalability. In

addition to the numerous advantages, the WMNs require security guarantees

due to its open medium, shared architecture and inconsistent topology.

A MANET is an independent set of mobile nodes which

communicate over moderately bandwidth restricted wireless links. MANET

varies from predictable wireless networks, such as cellular networks and IEEE

802.11, an infrastructure mode networks as self-organizing. The infrastructure

networks are self-containing i.e., the nodes communicates openly with each

other lacking reliance on centralized infrastructures such as base stations.

Additionally, MANET is self organizing and adaptive in the way of

structuring and de-structuring on-the-fly without the need for any system

administration.

These exclusive characters make MANET popular for situations

which will need fast network use, such as search and rescue operations. The

decentralized property of MANET, specifically the deficiency of centralized

entities offers a better application work nature. The avoidance of single point

of disappointments makes these network models also perfect for military and

commercial applications that require high level of robustness. But some

challenging security issues are to be concentrated before MANET is set for

extensive commercial or military deployment.

One of the major security issues in MANET is trust management.

Trust is usually recognized and handled in wired and other wireless networks

using centralized entities like Centralized Authority (CA) or Key Distribution

Center (KDC). The lack of centralized entities in MANET creates trust

management security issue as a challenging task. The inaccessibility of trusted

authorities also builds crisis to achieve essential functions such as the

revocation of distribution centre. Another attractive MANET security

difficulty is the issue of false accusation in the existence of malicious nodes.

The false accusation tries to prove the valid node as malicious node resulting

in removal of legitimate node from the network. The malicious node causes

several communication difficulties such as gap of opportunity problem.

In MANET, certification systems play a vital role to attain network

security. Controlling the issue of certificate cancellation in wired network is

simple compared to the MANET. In wired network when the certificate of a

malicious node get canceled then the certificate authorities append the

information about the cancelled node into the Certificate Revocation Lists

(CRLs). Otherwise, they transmit the CRLs to each and every node present in

the network or either saves them on an open repositories. But the certificate

revocation is a difficult task in MANET and also this usual method of

certificate revocation is not valuable for MANET due to lack of centralized

repositories and trusted authorities. A method is required for MANET to

cancel the certificate of malicious nodes after detecting the first misbehavior

of nodes.

The wireless technology makes MANET more susceptible to

security attacks and due to this the established security methods does not offer

a novel solution to MANET. A new protocol needs to be urbanized to

overcome the disadvantage in the traditional security methods such as

distribution centre. Symmetric key cryptography method requires trusted third

party and vital repositories to preserve information about the node whose

certificate is get cancelled. But these standard security methods fail in

providing the preferred security in the case of wireless networks such as

MANET. In other words, the capacity of the standard security approaches is

only restricted to the wired networks and to some extent in the wireless

networks because the number of security problems is less in wireless

networks compared to wired networks.

1.3.1

Attacks in MANET

A MANET is an infrastructure-less category network containing number of

mobile nodes with wireless network boundary. In order to establish

communication among nodes, the nodes enthusiastically launch paths among

one another. The character and outline of such networks make it interesting to

several types of attackers. The section discusses different types of attacks on

various layers under protocol stack. Various types of attacker try different

approaches to drop off the network performance and throughput. The main

attention is on routing and security issues related with mobile ad hoc networks

which are necessary in order to offer secure communication. On the basis of

the character of attacks on communication, the attacks against MANET are

classified into two types, namely, active and passive attacks. Also the

attackers against a network are classified into two groups namely, insider and

outsider. An outside attacker is not a legal user of the network but an insider

attacker is a certified node and a component of the routing mechanism on

MANET.

1.3.1.1

Vulnerabilities of MANETs

A MANET is vulnerable to different attacks not only from exterior but also

from within the network itself. Ad hoc networks are essentially subjected to

several vulnerability issues as follows:

Dynamic Topology: In MANET, nodes connect and disconnect from the

network dynamically and travel independently. Due to such type character,

there is no permanent set of topology mechanism in MANET. The node with

insufficient physical security becomes malicious node and minimizes the

network performance.

Wireless Links: As the nodes in such networks are interrelated through

wireless interface that makes it extremely vulnerable to link attacks. The

bandwidths of wireless networks are not as much of wired networks and

offers less bandwidth. The less restricted bandwidth draws many attackers to

stop normal communication among nodes.

Cooperativeness: In MANET, all routing protocols believe that nodes offer

secure communication. But some nodes become malicious nodes which

interrupt the network process by modifying routing information.

Lack of clear line of defense: There is no clear line of protection mechanism

available in the MANET. Attacks come from any directions. Attackers attack

the network either within the network or outside the network.

Limited resources: The MANET includes various collections of devices such

as laptops, computers, and mobile phones and so on. All of such devices

consist of different storage capacity, processing speed and computational cost.

This attracts the attackers to concentrate on new attacks.

1.3.1.2

Attackers

There are various types of attackers present in MANET. They attempt to

minimize the performance of network. The various attackers are categorized

as shown in Figure 1.1.

Figure 1.1 Classifications of Attackers

Figure 1.1 describes the classification of attackers in MANET into five major

types in two levels. The first level of attack arises on the fundamental means

of the ad hoc network such as routing like emission, location and quantity.

The second level of attacks attempts to break the security methods engaged in

the network such as motivations and mobility.

Attackers

Emission

Location

Quantity

Motivations

Mobility

· Active

· Passive

· Insider

· Outsider

· Simple

· Multiple

· Confidentiality

· Integrity

· Selfishness

· Privacy

· Unauthorized

access

· Denial of

service

· Fixed

· Mobile

1.3.1.3

Active and passive attacks

A MANET is more vulnerable to passive attacks. A passive attack does not

change the data transmitted within the network. But it comprises the

unauthorized listening to the network traffic or gathers data from it. Passive

attacker does not interrupt the process of a routing protocol but tries to find

the significant data from routed traffic.

Identification of such type of attacks is complex since the process

of network itself does not get affected. In order to conquer this type of attacks

dominant encryption algorithms are required to encrypt the data being

broadcast. The attack against the MANET is kept on increasing due to its

open medium and independent nature. In addition to passive attack, another

attack that plays against secure communication is active attack.

Active attacks are very harsh attacks on the network that stop

message flow between the nodes. But active attacks are of inside or outside

type. Active outside attacks are handled by outside basis that do not belong to

the network. Inside attacks are from malicious nodes which are part of the

network. Internal attacks are more rigorous and inflexible to detect than

external attacks. These attacks make unauthorized access to network that

supports the attacker to make changes such as alteration of packets, denial of

service and congestion.

Figure 1.2 Active and Passive Attacks in MANET

Figure 1.2 describes the active and passive attacks in MANET. The passive

attacker listens to the data broadcasted in the network. The active attacker acts

as transmitter and changes the data transmitted to the receiver. Detecting the

active attacks is more difficult compared to passive attacks. The nature of

MANET formulates them vulnerable to many new attacks. The attacks in

different layers of the network protocol stack are described in

Table 1.1.

Active

Attacker

Passive

Attacker

Listens

to Data

Transmitter

Acts as

Transmitter

Active

Attacker

Changes Data

Receiver

MANET

Table 1.1 Attacks on Protocols

Layer

Types of Attacks

Application Malicious code, Data corruption, Viruses and Worms

Transport

Session hijacking attack and SYN flooding attack

Network

Blackhole, Wormhole, Grayhole, Link spoofing, Rushing

attack, Replay attack, Sybil attack, Resource consumption

attack and Link withholding attack

Data Link

Selfish Misbehavior, Malicious Behavior, Traffic Analysis

Physical

Eavesdropping, Jamming and Active interference

The attacks on physical layer are hardware related and require support from

hardware origins. These attacks are straightforward to perform as compared to

other attacks. They do not need the entire knowledge of technology. Some of

the attacks detected at physical layer comprise eavesdropping, intrusion and

congestion.

1.3.1.4

Attacks at physical layer

Eavesdropping is an interception and interpretation of messages and

discussions by unintended receivers. As the transmission takes place on

wireless medium, the message is easily interrupted with receiver tuned to

appropriate frequency. The major intention of such attacks is to take the

confidential information that is kept covered during the transmission. The

information includes private key, public key, place or passwords of the nodes.

Classified data is eavesdropped by tapping transmission paths, and wireless

links are easier to trace.

Figure 1.3 Attacks on Communication between Source and Destination

Figure 1.3 describes the attacker attacking on transmission between source

and destination. Jamming is a special class of DoS attacks which are initiated

by malicious node after determining the frequency of communication. An

active interference is a denial of service attack which stops the wireless

communication channel or alters communications. Old messages are repeated

to reinitiate the data information.

1.3.1.5

Attacks at network layer

The network layer protocols allow the MANET nodes to be linked with

another through hop-by-hop. In MANET, every distinct node takes choice of

route to transmit the packet. So, it is very simple for malicious node to attack

on such network. The essential thought behind network layer attacks is to add

itself in the active path from source to destination or to take up network

traffic. In such attacks, the attackers build routing loops to form harsh

congestion. Various type of attacks are detected which are initiated by

malicious node. Figure 1.4 describes the routing attacks by the malicious

nodes.

Original

Connection

Source

Attacker

Destination

Figure 1.4 Routing Attack by Malicious Nodes

The malicious node X takes main data by locating itself between source A and

destination D as shown in Figure 1.4. X also distracts the data packets

swapped between A and D, resulting in significant end to end delay between

A and D. The malicious node X interrupts the route path discovery process by

constructing routing loops and overflow of routing tables.

In Blackhole Attack, malicious node maintains finest path to the

node packet to be interrupted. On getting the request the malicious node

forwards a false respond with extremely short route. In wormhole attack,

malicious node obtains data packet at one location in the network and

channels them to another malicious node. Rushing Attacks are essentially

against the on-demand routing protocols. These types of attacks threaten the

path discovery process.

1.3.1.6

Attacks at transport layer

Attacker in Session Hijacking acquires the benefit to develop the insecure

session after its initial setup. In this attack, the attacker spoofs the injured

party node's IP address, discovers the right sequence number i.e. estimated by

the target and then initiates various DoS attacks. In Session Hijacking, the

malicious node attempts to gather secure data like passwords, secret keys,

logon names and other information from nodes. Session Hijacking attacks are

also known as address attack and affect the transmission protocol like

Transmission Control Protocol (TCP).

Figure 1.5 Session Hijacking

Figure 1.5 describes the Session Hijacking. The TCP- acknowledgement (ACK)

tempest trouble arises when malicious node initiates a TCP session hijacking

attack. The attacker X adds session data, and node 1 forwards

acknowledgement packet to node 2. Packet does not hold any sequence

number that node 2 is expecting. The attack is seen when node 2 receives the

packet and tries to resynchronize the TCP session with node 1. This process is

Injects Data in Session

Node 1

ACK

Node 2

repeated over and over that leads to ACK tempest. Application layer protocols

are also vulnerable to many DoS attacks.

1.3.1.7

Attacks at data link layer

Selfish

misbehavior

node

straightforwardly

changes

the

self-performance of nodes and does not obstruct the action of the network.

The main objective of malicious node is to interrupt regular operation of

routing protocol. The collision of such attack is enlarged when the

communication takes place between adjacent nodes.

The significant attack at data link layer is the DoS attack. These

types of threats created a malicious action with the support of node

co-operation that forms harsh security risks. In the presence of node cooperation,

it is very complex to identify the cooperation routing. The cooperation route

emerges like a usual route but guides to rigorous problems. For example, node

cooperation involves in the communication but drops some packets resulting in

degradation of service quality being offered by network. A detailed overview of

DoS attack is described in the following section.

1.3.2

Denial of Service Attack

A DoS attack is an occurrence that reduces or removes a network's power to

perform its expected function. The hardware failures, software errors,

resource collapses, environmental constraints, or any complex

communications between these factors cause DoS. The DoS attacks on the

link layer and network layer are summarized below:

1.3.2.1

DoS attacks on the link layer

IEEE 802.11 Medium Access Control (MAC) protocol is used as the link

layer protocol for MANET. IEEE 802.11 MAC is vulnerable to DoS attacks

and utilizes its binary exponential back-off scheme. Because a successful

broadcast results in a smaller conflict window, a constantly broadcasting node

always confine the channel and causes other nodes to back off continually. A

customized back-off scheme solves DoS attack by offering the back-off timer

from the receiver end. Additionally, the Network Allocation Vector (NAV)

field in the Request to Send/Clear to Send (RTS/CTS) frames represents

another vulnerability to DoS attacks. Since a malicious node is conscious of

the time interval of the current transmission in its neighborhood, it forwards

few bits to interrupt the current link-layer frames with an insignificant energy

cost.

1.3.2.2

DoS attacks on the network layer

DoS attacks on network layer normally categorized into three, namely,

resource deficiency, routing interference and forwarding denial.

In a resource deficiency attack, malicious nodes add additional

control or data packets into the network. For example, a malicious node keeps

forwarding different messages to its adjacent node. Since the sequence

numbers or fake target address is changed each time, an attacker's neighbors

are unable to distinguish the messages as fake ones or new requests. If the

malicious node forwards these fake messages at a high speed, its neighbors

spends much resources, like bandwidth, CPU sequences and battery power, to

face fake messages.

A typical example of this attack is Blackhole in which an attacker

initiating the Blackhole Attack could direct all packets to some destination

and then discard them. Another type of routing interruption attack is so called

wormhole. To begin the wormhole attack, two malicious nodes N1 and N2

cooperate with each other via a private network connection, such that N1

forwards the packets received from other nodes directly to N2 through the

wormhole. N2 rebroadcast the received packets to another area of the

network.

1.3.3

Channel Aware Detection

The WMN is a multi-hop network which depends on mesh routers to send the

packets to the destination. A successful association among routers is the basis

for a trustworthy network. Cryptography solutions are utilized to defend the

mesh routers from most of the routing protocol attacks like selective

forwarding, Gray hole, Blackhole and Wormhole Attacks. But, if the routers

are liberal, the attacker is allowed to access the public/private keys of the

liberal routers and then crack through the cryptographic system. Therefore, to

attain absolute security in a network, it is ideal to use cryptographic solutions

as a first line of protection and non-cryptographic solutions as a second line of

protection.

Most of the existing studies on selective forwarding attacks

concentrate on attack detection under the statement of an error-free wireless

channel. An additional realistic and demand scenario that packet falling is due

to Grayhole Attacks or normal loss events such as medium access crash or

worst channel quality. Specifically, a Channel Aware Detection (CAD)

algorithm is developed to effectively detecting the selective forwarding

attackers by sorting out the standard channel losses.

The CAD algorithm is based on two measures, namely, channel

evaluation and traffic monitoring. The measure of channel evaluation is to

approximate the normal loss rate due to worst channel quality or medium

access crash. The measure of traffic monitoring is to monitor the definite loss

rate. CAD involves four-fold contributions:

Channel evaluation is incorporated with traffic monitoring to attain

channel-aware detection of Grayhole Attack. The Grayhole detection

effectively detects selective forwarding misbehavior unseen in the usual loss

events due to worst channel quality or medium access crash.

In CAD, upstream and downstream traffic monitoring is integrated

to obtain a flexible detection method. In addition to Grayhole Attack, the

CAD also identifies restricted transmit-power attack, on-off attack and

dreadful opening attack.

The CAD algorithm is inefficient when multiple malicious nodes

act in collision. The CAD is unable to provide useful information about the

authenticated and unauthenticated nodes in the network. The more

unauthenticated nodes involved in the communication, instead of

authenticated node, lead to unsecure communication. Additionally, the

unauthenticated nodes are not prevented to involve in the network

communication.

1.4

NODE CLUSTERING IN MANET

Cluster-based routing is a solution to address node's diversity and to control

the quantity of routing information that broadcasts inside the network. The

purpose of clustering is to collect the network nodes into a number of

coinciding clusters. Clustering makes promising ranked routing in which

routes are traced between clusters instead of nodes. This increases the routes

duration, thus reducing the amount of routing control overhead. In the cluster

formation, the node coordinating the cluster activities is called as cluster head

(CH).

For a clustered network, the network is grouped into clusters with

one cluster head per cluster. Essentially, the clustered network transfers a

thick network to a thin one that involves cluster heads and some gateways.

The broadcast protocol uses a separation of nodes, called forward node set, to

communicate a broadcast packet in a clustered network. Only a cluster head

determines its forward node set to envelop other cluster heads within its

neighborhood and within the exposure area. A non-cluster head node

immediately communicates the broadcast packet if it is chosen as a forward

node. The forward node set is determined by cluster heads. All the cluster

heads in the network are connected to each other. Consequently, a broadcast

packet is delivered to the total network ultimately. Cluster heads are chosen

through a selection process. A cluster head straightforwardly connects to all

the nodes in the cluster. Other members in the cluster are non-cluster head

nodes. The clustered network is produced by the lowest-ID cluster algorithm.

Figure 1.6 Sample Clustered Network

Figure 1.6 shows the effect of applying clustering in a network with 10 nodes.

The cluster formation involves the connection of nodes into clusters groups.

The node 2 acts as attacker in interrupting the communication. Other nodes

Cluster 4

Cluster 1

Cluster 2

Cluster 3

Attacker

Cluster Gateway

Member/Cluster Node

are protected to deliver the packets. The pure clustered network does not

sustain position of maintenance. But it will be possible to localize if a little

different cluster structure strategy is applied. Once a cluster is shaped, a non-

cluster head node, which are newly entered in the cluster challenges the

current cluster head.

Figure 1.7 describes the cluster graph and adjacent cluster graph of

the sample network as shown in Figure 1.6. If a cluster head travels into an

existing cluster, the cluster head that has the higher ID will stop its role of

cluster head. If a cluster head travels out of a cluster, the left non-cluster head

nodes in this cluster will compute their new clusters. A node that has cluster

head adjacent obtains the neighboring cluster head with the lowest ID as its

new cluster head and connects in that cluster. For nodes with no cluster head

adjacent, the cluster formation procedure is applied among those nodes to

structure new clusters. Thus, the clusters mobility is adaptive and alters a

cluster, controlled in a limited area. Thus, transmission of packet in a

clustered MANET using the forward node set is able to efficiently convey the

packet.

Figure 1.7 explicates the cluster graph formed in a cluster. Each

cluster has its own nodes with its edges. In this the vertices refers the nodes

and the edges refers the connection between the nodes. The cluster graph in

Figure 1.7(a) is with good quality and dense, because all the nodes are close

to each other. The cluster graph in Figure 1.7(b) is almost similar to Figure

1.7(a) with same number of nodes and edges; whereas most of the vertices are

outside the cluster. The cluster graph in Figure 1.7(c) has very few

connections with other nodes but lacks in internal density and hence it is not a

good cluster.

Figure 1.7 Cluster Graph and Neighbor Cluster Graph

1.5

PURPOSE OF THE STUDY

Security is the main challenge faced in protecting wireless communications

especially in MANET. The security test reveals that many techniques provide

strong privacy protection but wormhole attacks are difficult to prevent. These

existing techniques support a secure shared key based on-demand for packet

data but offers an unsecure communication.

In MANET topology, crisis occurs mainly due to the attacks that

affect the network. A dynamic method is required to employ topology control

algorithms in MANET to avoid topology problems. Network topology among

MANET varies due to mobility and thus, it unable to maintain the network

connectivity.

The cryptographic protocols concentrates on providing secure

communication but also affected by diverse attacks. The attacks present in the

networks and the root of that attack is also avoided. But the drawback is that

the attacks on encrypted protocol are unavoidable. For the attacks like

Blackhole, Grayhole, Wormhole and Rushing attack, no algorithms is

launched still now and above all attack problems are still faced by MANET.

The possible solution to attacks is by performing node clustering

and deriving cluster heads. Cluster heads are combined and used to avoid

(b)

(c)

(a)

attacks but at the same time a key security is required to solve the attacks. The

data transmission through the cluster nodes is efficient regarding energy but

the congestion at the cluster heads raises. Key security along with clustering is

necessary to avoid loss of packets or prevention from attacks.

A fully-distributed identification based multiple secrets key

management for a secure communication using a protocol of group key

management is proposed. But the disadvantages in IMKM are bandwidth

usage is limited for a secure communication and consumes several rounds to

recognize the secure channel. But the main drawback is that the

communication between the nodes and the clustering processes are inefficient.

Misbehavior of nodes also causes problems in MANET. Routing

misbehavior is also a difficult problem in providing security during

transmission as the nodes drops the packets before transmitting. The packet

dropping problem is avoided by using reputation based method which mainly

avoid when an attacker resets a poor reputation by rejoining the system with a

new identity

(

whitewashing attacks). The existence of delay problems keeps

on increasing due to addition of nodes resulting in inefficient packet delivery

to destination node in given period of time.

Nodes in the networks are scattered reducing the efficiency in

communication. Cluster-based routing is a resolution to solve nodes diversity

and to control the amount of routing information that propagates inside the

MANET. The nodes in the network are clustered for secure ad hoc

communication. A secure key model is provided for ad hoc network with

efficient node clustering based on reputation and ranking model. An

improvement in the reliability of the network is required to provide a fast

transmission. The reputation technique is necessary to find the

unauthenticated nodes involved in the communication.

In addition, the reputation and ranking models are employed to

detect the misbehavior, and selfish nodes within the network communication.

Determination of unauthenticated nodes is essential to avoid the adversary

acts performing in MANET. The nodes co-operation is necessary to perform

clustering and in recognizing cluster head. The cluster head formation helps in

ranking.

A secure transmission between the source and destination plays a

vital role in the MANET communication. To provide the security in

communication, a key is incorporated with the information. To decide the

secret keys in authenticating group, an authenticated group key agreement

protocol is essential. There are several security issues generated by the selfish

nodes in MANET and to improve the cooperativeness among the mobile

nodes in MANET, it is necessary to ensure the node cooperation among the

nodes.

1.6

ORGANIZATION OF CHAPTERS

Chapter 1 provides a brief discussion on the security of MANET with

infrastructure-less network with different attacks on each layer of the network,

and clustering of nodes by providing efficient node cooperation between the

nodes. Additionally the performance and organization of nodes within the

network is deeply discussed.

Chapter 2 reviews the previous research work on MANET security,

infrastructure-less network that is relevant for the present research. In

addition, reviews related to node clustering in infrastructure-less environment

for secure communication, a secure key model for efficient node clustering

based on reputation and ranking, a hybrid approaches for node co-operation

based clustering in MANET using the closeness between the nodes are also

interpreted from the research works.

Chapter 3 provides an overview of various security related issues

while constructing the network. A secure key model (SKM) with reputation

and ranking system is proposed as a first research work. This model

dynamically evaluates the authentication of neighboring nodes and selects the

trusty nodes in the cluster to support efficient transmission of data. The nodes

are clustered based on the reputation table. The model provides secure

successful communication between the nodes in the network without any loss

of data. The design of node clustering proves the usefulness and feasibility of

secure key model approach.

Chapter 4 presents a detailed description of a secure

communication framework between the nodes in the network without any loss

of data and the needs for node cooperation based clustering in MANET. The

second research work namely hybrid approach for node cooperation based

clustering (HANCC) is efficiently designed for enhancing a secure

communication over MANET by improving the node cooperation among

nodes by monitoring the behavior and activity of nodes along with the

weightage of node cooperation. The work evaluates the performance results of

the secure communication framework for hybrid approach using node

cooperation based clustering.

Chapter 5 describes a mechanism to avoid the misbehavior nodes

from replacing the security associations with unidentified nodes. The third

research work ENCS is designed for enhancing cooperation of nodes and

secures communication by adopting the closeness technique.

Chapter 6 focuses on end-to-end route awareness and represents the

end-to-end route quality in terms of path lifetimes. The fourth research work

Routing Aware Packet Reserving (RAPR) framework is developed in

MANET that takes into account both the clogging state and the end-to-end

throughput maintenance. RAPR is complimentary system to packet reserve

that utilizes only local routing information. RAPR framework local routing

information contains the node clustering, cooperation and high security level,

which provides the maximal throughput among the contending flows. Finally,

Chapter 7 provides the concluding remarks and suggestions for future work.

CHAPTER 2

LITERATURE REVIEW

2.1

INTRODUCTION

An ad hoc network is referred as wireless network and provides a wireless

network communication without using infrastructure mechanism.

Ad hoc is a Latin word and has the meaning "for this purpose". A mobile ad

hoc network is a part of ad hoc network defined as a self-configuring

infrastructure-less network, each communicated by wireless links with the

help of mobile devices. The nodes in the ad hoc network are independent of

each other and free to move. Since nodes are independent, packet losses are

found to occur while transferring the packets from source to destination. Due

to the dynamic nature of network and node mobility, the unsecure ad hoc

network loses packets. Each node or device in a MANET can move freely in

any direction. Always some changes occur in the communication links.

2.2

A SECURE KEY MODEL FOR EFFICIENT NODE

CLUSTERING BASED ON REPUTATION AND RANKING

Privacy plays a major role in forwarding a packet. Privacy-preserve routing is

vital for ad hoc networks that entail stronger privacy protection. Data packets

and control packets are still linkable and distinguishable in the old schemes

but they do not tender inclusive unlinkability or unobservability property.

Hence, Wan et al (2012) presented capable privacy requirements concerning

privacy-preserving routing in mobile ad hoc networks. An Unobservable

Routing Protocol (USOR) was designed and it provided unlinkability and

content unobservability to almost all forms of packets. USOR is capable,

because it formed a new merging of cluster signature and ID-based encryption

for route discovery. The security examination exhibits that USOR offers

strong privacy protection as well as it provided security against attacks which

are caused because of node compromise. But wormhole attacks were not

prevented using USOR.

Thus, to provide protection against wormhole attacks a security

protocol is to be proposed which is basically a difficult task. For

communication anonymity, (Sankara & Bhagyaveni 2008) used Secure On

demand position based private routing protocol (SO2P). It provided security

in mobile ad hoc networks, by means of developing a cryptography algorithm

to prevent message hacking. Global Positioning System (GPS) provided the

position information of nodes for which privacy was more important. GPS

obtained the position information of nodes in the network by a terminal node

which behaved like a server. All the information about the terminal nodes

present in ad hoc network was recorded by the server with the process of GPS

system. The position information was prohibited from internal and external

hackers by SO2P. It was performed using a secure routing algorithm in

MANET to identify optimal path to reach the destination. Because of security

mechanisms, SO2P faced some trouble in routing performance such as high

packet loss ratio, less throughput, more time in end to end connection delay.

Since SO2P was used under on demand basis, the secure communication

might not be an efficient one.

MANET is to be secure from attacks and must be dynamic in

providing security (Pankaj & Rajender 2009). Advancement in algorithms and

protocols were mandatory for a secure ad hoc network because of heavy rise

in security threats. Attackers or malicious nodes affect communication

process and it could be avoided using Encrypted Dynamic Source Routing

(EDSR). EDSR was also used to prevent numerous types of Denial-of-Service

attacks. If malicious agents were found on the pathway of forwarding a

packet, EDSR could drop the data packet or acknowledgment, thus preventing

malicious node not to get the right information. Data packets were delivered

to their destinations by EDSR but when different malicious agents were

presented, it drops the packet which was to be forwarded.

Nodes might also cause problems while packets were to be received

by a particular node. The nodes that were engaged in routing and forwarding

must have cooperation then only the MANET performs perfectly. Steps were

to be taken to make a system work properly even during the existence of

malicious nodes. The performances of MANET were greatly affected because

of selfish or malicious nodes. Such misbehavior nodes were to be managed.

Praveen Sam et al (2008) considered two factors, namely, direct factor and

distributed factor, called DUAL factor for the management.

As a development to reactive source-routing protocol, the DUAL

factor protocol was designed for MANET. DUAL factor holds the

components namely, the observer, the trust analyzer, the reputation scheme

and the route analyzer. These components were available in every node.

In DUAL factor each node traced the character of its next-hop

neighbors. If any event was found to be suspicious, data to be forwarded was

given to the reputation scheme. The node activity could be based on the

topology created among the network.

In MANET topology control was a challenging problem. K-edge

connected topology control algorithms were designed in order to build robust

topologies for mobile networks but it seemed to be insufficient. Normally in

networks, node moves at diverse speeds and hence, consistently applying k

values for localized topology control algorithms in any local graph was not

useful. Hence, a dynamic method was presented by Nishiyama et al (2012) to

use k-edge connected topology control algorithms in MANET. The proposed

dynamic method automatically decided the appropriate k value for all local

graphs based on local information. The trade-off among topology control and

reliability was compromised by using scalable topology control algorithms.

Network topology among MANET varied due to mobility and thus it could

not manage the network connectivity. The above mentioned was a well

known problem, but has yet to be solved. Topology problem arose mainly due

to the attacks that affected the network.

The great increase in network based applications had resulted in

numerous security leaks. The cryptographic protocols which provide secure

communication were also affected by diverse attacks. The network traffic and

host activities were monitored by Intrusion Detection Systems (IDSs) in order

to avoid impacts caused by unauthorized accesses and attacks. But the

traditional misuse-based and anomaly-based IDSs were vulnerable to attacks

that affected the encrypted protocols because they were always concerned of

payload contents inspection. An anomaly-based detection system with the

help of strategically distributed Monitoring Stubs (MSs) was presented by

Fadlullah et al (2010). The encrypted traffic was identified by MSs which

remove features for detecting the attacks. MSs also trace back the originating

network of the attack. The approach was called as DTRAB because it aimed

on both Detection and TRAceBack in the monitoring stubs level. But the

drawback was that attacks on encrypted protocols were not avoided.

MANET was a dynamic wireless network developed without any

preceding infrastructure and so each node could behave like a router and

MANET had no restriction (Khokar et al 2010). So it can be accessed by any

Details

Pages
Type of Edition: Erstausgabe
Year: 2017
ISBN (PDF): 9783960676850
ISBN (Softcover): 9783960671855
File size: 5.5 MB
Language: English
Publication date: 2017 (November)
Keywords: IT Security Network security Secure key Re-Organized Node Clustering Node Co-Operation Mobile ad hoc network Wireless mobile host Temporary network Secure communication

Secure Self Re-Organizing of Nodes Using Closeness Technique in Cluster MANET

Summary

Excerpt

Table Of Contents

Details

Authors

C. Sathiya Kumar (Author)

Dr. K. Duraiswamy (Author)