
Journal of Emerging Trends in Engineering and Applied Sciences (JETEAS) 2 (1): 155-159
Scholarlink Research Institute Journals, 2011 (ISSN: 2141-7016)
jeteas.scholarlinkresearch.org

Routing Security in Mobile Ad Hoc Networks: An Extension of DSR


¹Md. Mashud Rana, ²Alimuzzaman Khan, ²Syeda Suhana Rahman

¹University of Chittagong, ²Shahjalal University of Science and Technology, Bangladesh
Corresponding Author: Md. Mashud Rana

Abstract
An ad hoc network consists of a set of mobile nodes that carry out basic networking functions like packet forwarding, routing, and service discovery without the help of an established infrastructure. Nodes of an ad hoc network rely on one another to forward a packet to its destination because of the limited transmission range of each mobile node. The Dynamic Source Routing (DSR) protocol is one of the protocols that help to create and maintain routes in an ad hoc network in spite of dynamic topology. The accurate execution of this protocol requires sustained cooperative behavior by all nodes participating in the network. However, this behavior may not always be observed, and a number of known attacks against the standard DSR protocol can lead to its incorrect execution and even failure. In this paper we present a novel approach to discovering and maintaining dependable routes in an ad hoc network in the presence of security threats such as spoofing and packet modification, based on duplicate route requests, acknowledgements, and trust value calculation. Our proposed scheme can adapt quickly to a variety of environmental conditions such as highly mobile network topology and high host density.

Keywords: ad hoc network, routing protocol, security, attack, dynamic topology, trust

INTRODUCTION
Ad hoc networks are defined by the manner in which the network nodes are organized to provide pathways for data to be routed from the source to the desired destination. It is a new paradigm of wireless communication for mobile hosts. Nodes in mobile ad hoc networks communicate in a self-organized way without depending on any predefined infrastructure or base station, as is the case in traditional networks.
Nodes communicate with each other directly within radio range. Node mobility causes frequent changes in network topology. Employees of a company moving within a large campus with PDAs or laptops, or soldiers on the move with wearable computers, are typical instances of ad hoc networks. The lack of any centralized infrastructure in ad hoc networks raises many security issues that are not known in typical wired networks. Communication in mobile ad hoc networks therefore functions correctly if and only if the participating nodes cooperate properly. Most of the known protocols assume only well-behaved nodes for multi-hop operation of the ad hoc network. However, some of the nodes may be malicious and launch security attacks. In that case, discovering a secure route is one of the most difficult and challenging tasks in ad hoc networks. Moreover, to protect an ad hoc network from various attacks, a routing protocol must fulfill a set of requirements: only authorized nodes should perform route computation and discovery; exposure of the network topology should be minimal; spoofed, fabricated, and altered routing messages should be detected; routing loops should not form; and redirection of routes should be prevented, so that the discovered path from source to destination functions properly in the presence of malicious nodes. However, only a limited number of protocols have been developed that conform to these requirements. In this paper, a very efficient modification of the traditional DSR protocol is suggested for discovering a highly secure path from source to destination based on observing the behavior of neighbors.

The rest of this paper is organized as follows. Section 2 describes related work done so far. Section 3 elaborates our proposed extension of DSR to discover secure routes and to isolate malicious nodes based on trust value estimation of neighboring nodes. Finally, Section 4 contains the concluding remarks and future research directions.

RELATED WORKS
As routing security is one of the main concerns in many potential applications of mobile ad hoc networks, a large number of papers in the literature have addressed this issue.

In Distance Vector Routing (DVR), proposed by Perlman (1992), only one path between each source/destination pair is available for routing. DVR suffers from slow convergence and loop formation. These loops are formed because nodes choose their next hops in a distributed fashion based on possibly stale information. Furthermore, depending on the location of a link change, routing messages may have to be propagated to a large number of nodes.

Destination-Sequenced Distance Vector Routing (DSDV) (Perkins and Bhagwat, 1994) prevents loop formation and "counting to infinity" problems by tagging each route table entry with a destination sequence number so that stale information can be deleted. However, DSDV still suffers from slow convergence because a router cannot pass on its routing information until it finishes recomputing its distance vector.

In Ad hoc On Demand Distance Vector Routing (AODV) (Perkins, 1997), when a route is needed, a node broadcasts a route request message. The response message is echoed back once the request message reaches the destination or an intermediate node that contains a fresh route to the destination. For each route, a node also maintains a list of those neighbours actively using the route. A link breakage causes immediate link failure notifications to be sent to the affected neighbours. Similar to DSDV, each route table entry is tagged with a destination sequence number to avoid loop formation. Moreover, nodes are not required to maintain routes that are not active, so wireless resources can be utilized effectively. However, since flooding is used for route search, the communication overhead of route search does not scale to large networks. As route maintenance considers only link breakage and ignores link creation, the route may become non-optimal when the network topology changes.

In Dynamic Source Routing (DSR) (Johnson and Maltz, 1996), a source broadcasts a request in the network to find a path to the destination. Responses are echoed back when the request reaches the destination or an intermediate node with a cached route to the destination. Multiple paths may be available for routing. Similar to AODV, the communication overhead of route search is not scalable. Since a complete route is included in every message, the message header is large.
Moreover, a new route has to be found when all previously known routes are broken.

The Temporally-Ordered Routing Algorithm (Park and Corson, 1997) provides multiple paths to a destination and ensures they are loop-free. This is a destination-oriented protocol in which a logically separate version of the protocol is run for each destination in active communication. However, after the DAG (directed acyclic graph) is created, new links are not considered unless the DAG becomes disconnected. Therefore, the route may become non-optimal. In addition, the communication overhead of route creation is not scalable because flooding is used.

Zone Routing Protocol (ZRP) (Haas, 1997) is a hybrid of DVR and DSR. A routing zone is defined for each node that includes the nodes within some predefined number of hops from the node. Each node is required to know only the topology of its routing zone; i.e., the routing messages are only propagated locally. Route discovery requires a relatively small number of query messages, as these messages are routed only to "peripheral" nodes, omitting all the nodes within the routing zones. This method is called bordercasting. However, the route is unstable because the peripheral nodes can move out of the routing zones, and subsequent route discoveries may be needed.

In Linked Cluster Architecture (LCA) (Gerla and Tsai, 1995), a lowest-ID distributed clustering algorithm (Ephremides, Wieselthier and Baker, 1987) is used to form an interconnected set of clusters covering the entire network. Cluster heads are used for channel access and power control adjustment. Each node has to broadcast its distance vector and update its routing table according to the distance vectors received from its neighbours. In essence, LCA uses a flat DVR protocol for routing.

Our Proposed Scheme: An Extension of DSR
Our proposed extension of DSR works in three separate steps: route discovery, route maintenance, and trust value calculation. This section elaborates each of the steps in detail.

Route Discovery
When a source node S has a packet to send to the destination D, the source node first searches its route cache for a suitable route to D. If no route from S to D exists in S's route cache, S initiates route discovery and broadcasts a Route Request message. The source node is referred to as the initiator or source, and the destination node as the target. Each field of the Route Request message is explained in Table 1.

Table 1. Information Included in the Route Request Message

| Fields | Explanation |
|---|---|
| Source Id | The address of the source. |
| Destination Id | The address of the destination. |
| Unique Request Id | A unique Id that can identify the message. |
| MAC Address List | A list of all addresses of intermediate nodes that the message passes before its destination. |
| ACK bit | Identifies that the message has been received. |
| Trust estimate value | Identifies whether a node is malicious or a friend. |
| Time | Estimate message receive and reply. |
| Security bit | Initially set to 0 for route request and 1 for packet forwarded. |


The source node initially sets the MAC address list of the Route Request packet to an empty list and sets the source Id, destination Id, and unique request Id in the message accordingly. It also sets the security bit to 0 and then broadcasts the message. The packet is then received by the nodes within the wireless transmission range of the source. The source also keeps a copy of the packet in a buffer, referred to as the send buffer. In addition, the source node timestamps the message to determine whether it should be sent again or dropped from the buffer, depending on the response from neighboring nodes.

When a node receives a Route Request message, it examines the destination Id to determine whether it is the intended destination of the message. If the node is not the intended destination, it searches its own route cache for a route to the target. If a route is found, it is returned. If not, the MAC address of this intermediate node is appended to the MAC address list, and the Route Request is broadcast again by the intermediate node. If a node subsequently receives two Route Requests with the same request Id and the security bit 0, it can be specified that only the first is handled and the subsequent ones are discarded.

However, if the node is the intended destination, it returns a Route Reply message to the source. This Route Reply message includes the accumulated route from the Route Request message. The entire process of route discovery is shown in Fig. 1.

Fig. 1. Route Discovery in Our Proposed Scheme

Route Maintenance
It is necessary to maintain the routes that are stored in the route cache, since nodes move in and out of the transmission range of other nodes and thereby create inconsistencies in the route cache. When a node receives a packet, it is responsible for confirming to its previous node that the packet has arrived. If a node transmits a packet and does not receive an acknowledgment, it tries to retransmit a fixed number of times. If no acknowledgment is received after the retransmissions, it returns a Route Error message to the source of the packet. The link that was broken is included in this message. The source removes the route from its route cache and tries to transmit using a different route from its route cache. If no route is available in the route cache, a new Route Request is transmitted in order to establish a new route.

At this stage the sender is ready to send the original data through the discovered route. Before sending the data, the sender again sends the previous Route Request with the same Request Id, but this time with the security bit set to 1. It sets the security bit to 1 for packet forwarding purposes. Under DSR, nodes do not forward a packet with a Request Id they have already handled; that is why a node forwards the duplicate only when it finds the security bit set to 1. The reason for sending the duplicate Route Request message is to verify the security of the previously discovered route. As this is a mobile ad hoc network, different types of attack can take place. Through route maintenance, our proposed scheme can detect and isolate the following attacks from our network.

When a node receives the duplicate Route Request packet, it checks the Request Id and the security bit. If the node finds that it has already sent an ACK for this Route Request message and the security bit is 1, it forwards the packet to its neighbor node and does not send an ACK to its previous node.

Fig. 2. Identification of Spoofing Attack

If a spoofing attack, as shown in Fig. 2, occurs at any intermediate node of the route, the spoofing node hides its real IP or MAC address and takes the IP or MAC address of the attacked node. When this spoofing node receives the duplicate Route Request packet, it sends an ACK back to its previous node, because it does not know that the original node had already sent an ACK for this request before the attack. When the previous node receives two ACKs for the same Request Id from the same MAC address, it identifies this node and assumes that a spoofing attack is taking place. It then generates an error message, broadcasts it to all of its neighbors, and also sends it to the source node. In this way our proposed method detects and minimizes the spoofing attack. However, if two ACKs are received from different MAC addresses for the same Request Id, it is difficult to identify whether the node is malicious or a friend.
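
The duplicate Route Request check and the two-ACK spoofing test described above, as an added Python example (not code from the paper). The class and method names, the verdict strings, and the MAC addresses are constructed for illustration.

```python
class Node:
    """Per-node state for the duplicate Route Request check (names are illustrative)."""

    def __init__(self, mac):
        self.mac = mac
        self.acked = set()    # Request Ids this node has already acknowledged
        self.ack_from = {}    # Request Id -> MACs whose ACKs this node has received

    def on_route_request(self, request_id, security_bit):
        """Return (forward, send_ack) for an incoming Route Request."""
        if request_id not in self.acked:
            # First sight of this Request Id: handle it and confirm receipt upstream.
            self.acked.add(request_id)
            return True, True
        if security_bit == 1:
            # Verification pass over a route already acknowledged:
            # forward, but do not acknowledge a second time.
            return True, False
        return False, False   # plain duplicate with security bit 0: discard

    def on_ack(self, request_id, sender_mac):
        """Classify an ACK that arrives from the next hop."""
        seen = self.ack_from.setdefault(request_id, [])
        if sender_mac in seen:
            verdict = "spoofing"    # second ACK, same Request Id, same MAC
        elif seen:
            verdict = "ambiguous"   # second ACK, same Request Id, different MAC
        else:
            verdict = "ok"
        seen.append(sender_mac)
        return verdict


def replay(next_hops, request_id=7):
    """Run discovery (bit 0) and verification (bit 1) past an upstream node.

    next_hops holds the Node that answers each of the two passes."""
    upstream = Node("aa:aa")
    verdicts = []
    for bit, hop in zip((0, 1), next_hops):
        _forward, send_ack = hop.on_route_request(request_id, bit)
        if send_ack:
            verdicts.append(upstream.on_ack(request_id, hop.mac))
    return verdicts


def scenarios():
    """Constructed cases: honest hop, impostor reusing the MAC, hop replaced by a new node."""
    b = Node("bb:bb")
    honest = replay((b, b))
    # The impostor carries B's MAC but not B's record of having ACKed already.
    spoofed = replay((Node("bb:bb"), Node("bb:bb")))
    moved = replay((Node("bb:bb"), Node("ee:ee")))
    return honest, spoofed, moved
```

The "ambiguous" verdict is the case the paper hands over to trust value estimation, since a different MAC can be either a legitimate node that moved into place or a malicious one.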


Fig. 3. Node Mobility in DSR

Moreover, due to the mobility of nodes, as shown in Fig. 3, any node in the discovered route can suddenly change its place, and a new node with a new MAC address can take that place. To minimize this type of problem we estimate the trust value of the node to identify whether it is a malicious or a friend node, as described in section 3.3.

Trust Value Estimation

Definition of Trust
The definition of trust comes from Diego Gambetta, who has gathered thoughts from diverse areas such as economics and biology. In his work (Diego Gambetta, 1998), he gives the following definition of trust: "Trust (or, symmetrical distrust) is a particular level of subjective probability with which an agent assesses that another agent or group of agents will perform a particular action, both before he can monitor it and in a context in which it affects his own action."

Trust Calculation
We compute the trust value based upon the information that one node can gather about the other nodes. The vital information that we need to calculate the trust value is a node's contribution to the packet forwarding mechanism: acknowledgments received and data packets that reached the destination. We represent the trust value that node x holds for node y as $T_{x,y}$, which is given by the following equation:

$T_{x,y} = \frac{P_P}{P_A}$ (1)

where $P_A$ represents the category packet acknowledgments, which preserves a count of the number of packets that have been received by a node, and $P_P$ represents the category packet precision, which maintains a count of the number of packets forwarded correctly to the destination. So, if a node in the network has a total of N neighbors, then the trust value is defined by the following equation:

$T = \sum_{n=0} \frac{P_P}{P_A}$ (2)

Identification of Relation between Nodes
In an ad hoc network, depending on the trust value of the nodes, the relationship of a node x to its neighbor node y can be any of the following types:

i) Node y is a friend to neighbor node x: Node y has sent/received plenty of acknowledgements/messages to/from node x. The trust level ratio between them is reasonably 1. The probability of misbehavior is very low.
ii) Node y is an acquaintance to neighbor node x: Node y has sent/received plenty of acknowledgements/messages to/from node x. Their trust level ratio is in the range $0.5 < P_P/P_A < 1$. The chances of malicious behavior will have to be observed.
iii) Node y is a stranger to neighbor node x: Node y has never sent/received acknowledgements/messages to/from node x. Their trust level ratio is in the range $0 < P_P/P_A < 0.5$. Any new node entering an ad hoc network will be a stranger to all its neighbors. There are high chances of malicious behavior from stranger nodes.

CONCLUSION AND FUTURE WORKS
In this paper, we presented an enhanced DSR protocol for routing packets between hosts in an ad hoc network. Our protocol uses acknowledgement and trust value calculation techniques in addition to dynamic source routing, which adapts quickly to routing changes when host movement is frequent. Moreover, it ensures security against spoofing and route modification attacks, which is the main concern of this research. However, there is a tradeoff between security and speed of message transmission using our protocol. As it requires sending the Route Request message twice, there will be a slight degradation in the total time required for a message to reach its destination compared to a few related protocols. In future, we are going to extend our proposed scheme so that it can increase bandwidth utilization. The detailed simulation is also a part of our future work.

REFERENCES
A. Ephremides, J. E. Wieselthier and D. J. Baker, "A Design Concept for Reliable Mobile Radio Networks with Frequency Hopping Signaling," Proc. IEEE, Vol. 75, No. 1, Jan. 1987, pp. 56-73.
C. E. Perkins and P. Bhagwat, "Highly Dynamic Destination-Sequenced Distance-Vector Routing (DSDV) for Mobile Computers," ACM Comput. Commun. Rev., Vol. 24, No. 4, (ACM SIGCOMM'94) Oct. 1994, pp. 234-244.


C. E. Perkins, "Ad Hoc On Demand Distance Vector (AODV) Routing," Internet Draft, Nov. 1997.
D. B. Johnson and D. A. Maltz, "Dynamic Source Routing in Ad Hoc Wireless Networks," T. Imielinski and H. Korth, editors, Mobile Computing, Kluwer, 1996.
D. J. Baker, A. Ephremides and J. A. Flynn, "The Design and Simulation of a Mobile Radio Network with Distributed Control," IEEE J. Select. Areas Commun., Vol. SAC-2, No. 1, Jan. 1984, pp. 226-237.
Diego Gambetta, editor. Trust: Making and Breaking Cooperative Relations. Basil Blackwell, 1998.
M. Gerla and J. T. Tsai, "Multicluster, Mobile, Multimedia Radio Network," ACM Wireless Networks, Vol. 1, No. 3, 1995, pp. 255-265.
R. Perlman, "Interconnections: Bridges and Routers," Addison-Wesley, 1992, pp. 149-152 and pp. 205-233.
V. D. Park and M. S. Corson, "A Highly Adaptive Distributed Routing Algorithm for Mobile Wireless Networks," IEEE INFOCOM'97, Kobe, Japan, Apr. 1997.
Z. J. Haas, "A New Routing Protocol for the Reconfigurable Wireless Networks," IEEE ICUPC'97, San Diego, CA, Oct. 1997.
Z. J. Haas, "The Zone Routing Protocol (ZRP) for Ad Hoc Networks," Internet Draft, Nov. 1997.
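
The trust value of equation (1) and the friend / acquaintance / stranger classification from the Trust Calculation and Identification of Relation between Nodes sections, as an added Python example (not code from the paper). Assumptions: the `FRIEND_MIN` cut-off for "reasonably 1", treating a ratio of exactly 0.5 and never-seen nodes as strangers, counting a delivery only for an acknowledged packet, the `weakest_hop` helper, and the constructed MAC addresses and counts.

```python
from dataclasses import dataclass

FRIEND_MIN = 0.95   # assumption: the paper only says a friend's ratio is "reasonably 1"


@dataclass
class Counters:
    p_a: int = 0    # P_A: packets the neighbor acknowledged receiving
    p_p: int = 0    # P_P: packets it forwarded correctly to the destination


class TrustTable:
    """Node x's view of its neighbors, keyed by MAC address."""

    def __init__(self):
        self.neighbors = {}

    def observe(self, mac, acked, delivered):
        """Record one packet handed to `mac`: was it ACKed, and did it reach the destination?"""
        c = self.neighbors.setdefault(mac, Counters())
        if acked:
            c.p_a += 1
            if delivered:   # assumption: only acknowledged packets count, so P_P <= P_A
                c.p_p += 1

    def trust(self, mac):
        """T_{x,y} = P_P / P_A (equation 1); unknown or silent neighbors score 0."""
        c = self.neighbors.get(mac)
        if c is None or c.p_a == 0:
            return 0.0
        return c.p_p / c.p_a

    def relation(self, mac):
        t = self.trust(mac)
        if t >= FRIEND_MIN:
            return "friend"
        if t > 0.5:
            return "acquaintance"
        return "stranger"   # also covers t == 0.5 and never-seen nodes (conservative)

    def weakest_hop(self, route):
        """Return (mac, trust) for the least trusted node on a source route."""
        return min(((m, self.trust(m)) for m in route), key=lambda pair: pair[1])


def demo():
    """Constructed history: (MAC, packets acknowledged, of which delivered correctly)."""
    table = TrustTable()
    for mac, acked, ok in (("bb:bb", 20, 20), ("cc:cc", 20, 14), ("ee:ee", 10, 3)):
        for i in range(acked):
            table.observe(mac, True, i < ok)
    return table
```

A node that has just entered the network has no counters, so it is classified as a stranger, which matches the paper's statement that any new node is a stranger to all its neighbors.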
