
Secure Implementation Of Routing Protocols For Wireless Ad Hoc Networks

Ms.S. AMUTHA Assistant Professor (Sr.Gr.) Department of Information Technology P.S.R Engineering College, Sivakasi amuthamukilraj@gmail.com
Abstract

Routing is a fundamental networking function in every communication system, including wireless ad hoc networks. Operation of the entire network can be affected by attacking this service. Such attacks can be performed easily in wireless networks due to the unsupervised access to the wireless medium. The malicious manipulation of routing messages results in the dissemination of incorrect routing information, leading to network malfunction. Attacks on ad hoc network routing protocols disrupt network performance and reliability. In addition, intermediate nodes can be corrupted and thus exhibit arbitrary behavior. The novel algorithm detects internal attacks by using both message and route redundancy during route discovery. Route discovery messages are protected by pairwise secret keys between a source and destination. The routes are established by public key cryptographic mechanisms. We propose and analyze the performance of secure implementations of existing routing protocols such as Dynamic Source Routing (DSR) and Ad hoc On-demand Distance Vector (AODV).

Dr.KANNAN BALASUBRAMANIAN Professor Department of Computer Science and Engineering Mepco Schlenk Engineering College, Sivakasi kannanbala@mepcoeng.ac.in

Keywords: Routing, Security, Attacks, AODV, DSR

1. INTRODUCTION

A Mobile Ad hoc Network (MANET) is a system of wireless mobile nodes that dynamically self-organize in arbitrary and temporary network topologies. People and vehicles can thus be internetworked in areas without a preexisting communication infrastructure or when the use of such infrastructure requires wireless extension [3]. In a mobile ad hoc network, nodes can communicate directly with all the other nodes within their radio range, whereas nodes that are not in direct communication range use intermediate node(s) to communicate with each other. In both situations, all the nodes that participate in the communication automatically form a wireless network, so this kind of wireless network can be viewed as a mobile ad hoc network.

Fig. 1. MANET structure

The problem of routing in ad hoc networks is an important one and has been extensively studied. This study has resulted in several mature protocols. Ad hoc networks are targeted at environments where communicating nodes are mobile, or where wired network deployment is not present or not economical. Many of these applications may run in untrusted environments and may therefore require the use of a secure routing protocol. Furthermore, even when the presence of an attacker is not foreseen, a secure ad hoc network routing protocol can also provide resilience against misconfigured nodes. In the current Internet, for example, misconfigured routing tables contribute to the majority of routing instabilities. Similarly, a software or hardware failure should cause only the affected node to fail, and not perturb the stability of routing in the remainder of the network. Mission-critical or safety-critical networks can use secure ad hoc routing protocols so that configuration errors, software bugs, or hardware failures do not disturb routing at other nodes. As a result, several secure ad hoc network routing protocols have been proposed.

Some of the characteristics which differentiate ad hoc wireless networks from other networks are:

1. Dynamic Network Topology. This is triggered by node mobility, nodes leaving or joining the network, node inoperability due to the lack of power resources, etc.

2. Fluctuating Link Capacity. The effects of a high bit error rate are more profound in wireless communication. More than one end-to-end path can use a given link in ad hoc wireless networks, and if the link breaks, several sessions can be disrupted during periods of high bit transmission rate.

3. Distributed Operations. The protocols and algorithms designed for an ad hoc wireless network should be distributed in order to accommodate a dynamic topology and an infrastructure-less architecture.

4. Limited Energy Resources. Wireless devices are battery powered, so they can operate only for a limited time without changing or replenishing their energy resources.

Designing communication protocols for ad hoc wireless networks is challenging because of the limited wireless transmission range, the broadcast nature of the wireless medium (hidden terminal and exposed terminal problems), node mobility, limited power resources, and limited physical security. Advantages of using ad hoc wireless networks include easy and speedy deployment, robustness (no infrastructure required), and an adaptive and self-organizing network.

2. ATTACKS IN AD HOC NETWORKS

Numerous types of attacks occur in ad hoc networks, but they are mainly classified into two types: external attacks and internal attacks. In an external attack [5], the attacker aims to cause congestion, propagate fake routing information, or disturb nodes from providing services. In an internal attack, the adversary wants to gain normal access to the network activities, either by impersonation to get access to the network as a new node, or by directly compromising a current node and using it as a basis to conduct its malicious behavior. Attacks can also be classified into two categories: i) attacks on routing protocols and ii) attacks on packet forwarding/delivery [3]. The main effects of attacks on routing include network partition, route loop, resource deprivation and route hijack.
Because of the mobility and constantly changing topology of mobile ad hoc networks, it is very difficult to validate all the route messages. As a result, the following may occur: impersonating another node to spoof a route message, advertising a false route metric to misrepresent the topology, flooding route discovery, modifying a route reply message, generating a bogus route error to disrupt a working route, and suppressing a route error to mislead others. In packet forwarding/delivery, selfishness and denial of service are the two main strategies applied by the attacker [7].

2.1 TYPES OF ATTACKS

Collision Attack: Deliberate collisions or corruption induced by an attacker in order to deny the use of a link.

Impersonation Attack: The attacker node impersonates a legitimate node and joins the network undetected, then sends false routing information, masked as some other trusted node.

Black Hole Attack: In this attack, the attacker node injects false route replies to the route requests, claiming to have the shortest path to the destination node whose packets it wants to intercept. Once the fictitious route has been established, the active route is routed through the attacker node. The attacker node is then in a position to misuse or discard any or all of the network traffic being routed through it.

Wormhole Attack: Adversaries cooperate to provide a low-latency side channel for communication by means of a second radio with a higher-power, long-range link. The wormhole attack involves the cooperation of two attacking nodes. One attacker captures routing traffic at one point of the network and tunnels it to another point in the network over a private high-speed communication link shared between the attackers, and then selectively injects the tunneled traffic back into the network. The two colluding attackers can potentially distort the topology and establish routes under their control over the wormhole link.

Denial of Service: Denial of service attacks aim at the complete disruption of the routing function and therefore the whole operation of the ad hoc network. Specific instances of denial of service attacks include the routing table overflow and the sleep deprivation torture. In a routing table overflow attack, the malicious node floods the network with bogus route creation packets in order to consume the resources of the participating nodes and disrupt the establishment of legitimate routes. The sleep deprivation torture aims at the consumption of the batteries of a specific node by constantly keeping it engaged in routing decisions.

Flooding Attack: Overwhelms the victim's limited resources: memory, processing or bandwidth.

2.2 Attacks Against Routing

Routing is one of the most important services in the network; therefore it is also one of the main targets against which attackers conduct their malicious behavior [1][2]. In mobile ad hoc networks, attacks against routing are generally classified into two categories: attacks on routing protocols and attacks on packet forwarding/delivery. Attacks on routing protocols aim to block the propagation of routing information to the victim even if there are some routes from the victim to other destinations. Attacks on packet forwarding try to disturb the packet delivery along a predefined path. Attacks against routing protocols include network partition, routing loop, resource deprivation and route hijack. The following attacks against routing have been studied [6][7]:

- Impersonating another node to spoof a route message.
- Advertising a false route metric to misrepresent the topology.
- Sending a route message with a wrong sequence number to suppress other legitimate route messages.
- Flooding Route Discovery excessively as a DoS attack.
- Modifying a Route Reply message to inject a false route.
- Generating a bogus Route Error to disrupt a working route.
- Suppressing a Route Error to mislead others.

3. ROUTING PROTOCOLS

Routing in wireless ad hoc networks faces additional problems and challenges when compared to routing in traditional wired networks with fixed infrastructure. The problem of routing in such environments is aggravated by limiting factors such as rapidly changing topologies, high power consumption, low bandwidth and high error rates. Most of the existing routing protocols follow two different design approaches for ad hoc networks, namely the table-driven (proactive protocols) and on-demand (reactive protocols) approaches.
The following sections analyze these two design approaches in more detail and briefly present example protocols that are based on them. Examples of proactive protocols include Optimized Link State Routing (OLSR), Topology Broadcast based on Reverse Path Forwarding (TBRPF), Fish-eye State Routing (FSR), Destination-Sequenced Distance Vector (DSDV), Landmark Routing Protocol (LANMAR) and Cluster head Gateway Switch Routing Protocol (CGSR). Examples of reactive protocols include Ad Hoc On-Demand Distance Vector (AODV), Dynamic Source Routing (DSR) and Temporally Ordered Routing Algorithm (TORA).

3.1 Ad Hoc On-Demand Distance Vector Routing (AODV)

AODV is a variation of the Destination-Sequenced Distance-Vector (DSDV) routing protocol and is collectively based on DSDV and DSR. It aims to minimize the requirement for system-wide broadcasts as far as possible. It does not maintain routes from every node to every other node in the network; rather, routes are discovered as and when needed and are maintained only as long as they are required [3]. The key steps of the algorithm used by AODV for the establishment of routes are [8][9]:

i) AODV initiates a route discovery process using Route Request (RREQ) and Route Reply (RREP). The source node creates a RREQ packet containing its IP address, its current sequence number, the destination's IP address, the destination's last sequence number and a broadcast ID. The broadcast ID is incremented each time the source node initiates a RREQ.

ii) The sequence numbers are used to determine the timeliness of each data packet, and the broadcast ID and the IP address together form a unique identifier for the RREQ so as to uniquely identify each request. The requests are sent using the RREQ message, and the information in connection with the creation of a route is sent back in the RREP message. The source node broadcasts the RREQ packet to its neighbours and then sets a timer to wait for a reply. To process the RREQ, a node sets up a reverse route entry for the source node in its route table. This tells it how to forward a RREP to the source.
A lifetime is associated with the reverse route entry, and if this entry is not used within this lifetime, the route information is deleted. If the RREQ is lost during transmission, the source node is allowed to broadcast again using the route discovery mechanism.

iii) A route discovered between a source node and a destination node is maintained as long as it is needed by the source node. Since nodes move in a mobile ad hoc network, if the source node moves during an active session, it can reinitiate the route discovery mechanism to establish a new route to the destination. Conversely, if the destination node or some intermediate node moves, the node upstream of the break sends a Route Error (RERR) message to the affected active upstream neighbors/nodes.

3.2 DYNAMIC SOURCE ROUTING (DSR)

Dynamic Source Routing (DSR) is an ad hoc routing protocol which is based on source-based routing rather than table-based routing. This protocol is source-initiated rather than hop-by-hop. It is particularly designed for use in multi-hop wireless ad hoc networks of mobile nodes. The DSR protocol [8] does not need any existing network infrastructure or administration, and this allows the network to be completely self-organizing and self-configuring. The protocol is composed of two essential parts: route discovery and route maintenance. Every node maintains a cache to store recently discovered paths. When a node wants to send a packet to some node, it first checks for an entry in the cache. If an entry is there, it uses that path to transmit the packet and also attaches its source address to the packet. If there is no entry in the cache, or the entry in the cache has expired (because it was idle for a long time), the sender broadcasts a route request packet to all of its neighbors asking for a path to the destination. The sender waits until the route is discovered. During the waiting time, the sender can perform other tasks such as sending/forwarding other packets. The route maintenance process constantly monitors the path and notifies the nodes if there is any failure in it. Consequently, the nodes change the entries of their route cache.

4. SECURE AD HOC ROUTING

There exist several proposals that attempt to architect a secure routing protocol for ad hoc networks, in order to offer protection against the attacks mentioned in the previous section. These proposed solutions are either completely new stand-alone protocols or, in some cases, incorporations of security mechanisms into existing protocols (e.g. DSR and AODV). As we will see, the design of these solutions focuses on providing countermeasures against specific attacks, or sets of attacks [3][4]. Furthermore, a common design principle in all the examined proposals is the performance-security trade-off. Since routing is an essential function of ad hoc networks, the integrated security procedures should not hinder its operation. Another important part of the analysis is the examination of the assumptions and the requirements on which each solution depends. Although a protocol might be able to satisfy certain security constraints, its operational requirements might thwart its successful deployment. In order to analyze the proposed solutions in a structured manner, we have classified them into different categories: solutions based on asymmetric cryptography; solutions based on symmetric cryptography; and a category of mechanisms that provide security for ad hoc routing. However, this classification is only indicative, since many solutions can be classified into more than one category.

5. Simulation Based Analysis using Network Simulator (NS-2)

In this section we describe the tools and methodology used in our paper for the analysis of ad hoc routing protocol performance, i.e. the simulation tool, the simulation setup (traffic scenario, mobility model) and the performance metrics used; finally, the performance of the protocols is presented using gnuplot graphs.

5.1 Simulation Tool

In this paper the simulation tool used for analysis is NS-2, which is highly preferred by research communities. NS is a discrete event simulator targeted at networking research. NS provides substantial support for simulation of TCP, routing, and multicast protocols over wired and wireless (local and satellite) networks. NS2 is an object-oriented simulator, written in C++, with an OTcl interpreter as a frontend. This means that most of the simulation scripts are created in Tcl (Tool Command Language).
If components have to be developed for NS2, then both Tcl and C++ have to be used. The flow diagram given in Figure 4 shows the complete working of NS2 for analysis.

5.2 Simulation Setup

The performance analysis is done on Windows7 Ultimate. Ns allinone-2.34 was installed on the platform using Fedora 14.

Table 1. Simulation parameters

Parameter             Value
Platform              Windows7 Ultimate, Fedora 14
NS version            Ns-allinone-2.34
Pause time            0-900s
Simulation time       200s
Number of nodes       50 wireless nodes
Traffic               CBR
Packet size           1024 bytes
Transmission Range    250m
Simulation Area       1500X300m
Node Speed            20m/s
Mobility model        Random waypoint mobility model

5.3 Performance Metrics Used

The following metrics are used in this paper for the analysis of the AODV and DSR routing protocols: i) Total Throughput, ii) Packet Delivery Ratio, iii) Total Overhead, iv) Packet Latency.

1) Total Throughput: The total number of data packets that have been received at time t by a destination node.

2) Total Overhead: The total number of routing (control) packets that have been transmitted at time t by the nodes in the network.

3) Packet Delivery Ratio: The packet delivery ratio in this simulation is defined as the ratio between the number of packets sent by constant bit rate sources (CBR, application layer) and the number of packets received by the CBR sink at the destination.

   Packet Delivery Ratio = packets received by sink / packets sent by sources

   It describes the percentage of the packets which reach the destination.

4) Packet Latency: The time elapsed from when a data packet is transmitted to when it is received at the destination.

6. Simulation Results

In this section, the NS-2 simulator is used to investigate the performance of the routing protocols AODV and DSR [10]. Based on this simulation setup we ran the simulation; it provides high throughput and packet delivery ratio. For the security features we add extra bits for computation; this provides security using RSA, but complexity is increased. Further, we add security features to AODV and DSR to improve the routing performance.
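The paper does not show how a security feature attaches to AODV route discovery. As an added example (not the authors' algorithm or code), the sketch below combines the RREQ handling of Section 3.1 (duplicate suppression on source IP plus broadcast ID, reverse routes with a lifetime) with the abstract's pairwise source-destination key. The HMAC-SHA256 construction, the lifetime value, and every class, function and address name are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace

REVERSE_ROUTE_LIFETIME = 3.0  # seconds; assumed value, the paper gives none

@dataclass(frozen=True)
class RREQ:
    src: str            # source IP address
    src_seq: int        # source's current sequence number
    dst: str            # destination IP address
    dst_seq: int        # last known destination sequence number
    bcast_id: int       # incremented for every RREQ the source initiates
    hop_count: int = 0  # changes at every hop, so it is left out of the MAC
    mac: bytes = b""

def rreq_mac(key, r):
    """HMAC-SHA256 over the fields that must arrive exactly as the source sent them."""
    fields = repr((r.src, r.src_seq, r.dst, r.dst_seq, r.bcast_id)).encode()
    return hmac.new(key, fields, hashlib.sha256).digest()

class Node:
    def __init__(self, addr, keys=None):
        self.addr = addr
        self.keys = keys or {}  # peer address -> pairwise secret
        self.seen = set()       # (source IP, broadcast ID) of RREQs already handled
        self.reverse = {}       # source -> (next hop back to source, expiry time)

    def originate(self, dst, src_seq, dst_seq, bcast_id):
        r = RREQ(self.addr, src_seq, dst, dst_seq, bcast_id)
        return replace(r, mac=rreq_mac(self.keys[dst], r))

    def expire(self, now):
        # Delete reverse routes whose lifetime ran out without being used.
        self.reverse = {s: e for s, e in self.reverse.items() if e[1] > now}

    def handle_rreq(self, r, prev_hop, now):
        self.expire(now)
        if r.dst == self.addr:
            key = self.keys.get(r.src)
            # Verify before recording the ID, so a forged copy cannot make the
            # destination discard the genuine request as a duplicate.
            if key is None or not hmac.compare_digest(rreq_mac(key, r), r.mac):
                return "reject", None
        if (r.src, r.bcast_id) in self.seen:
            return "duplicate", None
        self.seen.add((r.src, r.bcast_id))
        self.reverse[r.src] = (prev_hop, now + REVERSE_ROUTE_LIFETIME)
        if r.dst == self.addr:
            return "reply", None  # the RREP travels back along self.reverse
        return "forward", replace(r, hop_count=r.hop_count + 1)

def demo():
    key = b"constructed-pairwise-key-S-D"     # constructed sample secret
    s = Node("10.0.0.1", {"10.0.0.9": key})
    a = Node("10.0.0.5")                      # intermediate node, holds no key
    d = Node("10.0.0.9", {"10.0.0.1": key})
    rreq = s.originate("10.0.0.9", src_seq=7, dst_seq=3, bcast_id=1)
    first, fwd = a.handle_rreq(rreq, prev_hop="10.0.0.1", now=0.0)
    again, _ = a.handle_rreq(rreq, prev_hop="10.0.0.1", now=0.1)
    altered = replace(fwd, src_seq=99)        # protected field changed in transit
    bad, _ = d.handle_rreq(altered, prev_hop="10.0.0.5", now=0.2)
    good, _ = d.handle_rreq(fwd, prev_hop="10.0.0.5", now=0.3)
    a.expire(10.0)                            # unused reverse route times out
    return first, again, bad, good, d.reverse["10.0.0.1"][0], "10.0.0.1" in a.reverse
```

Intermediate nodes hold no key here, so they can only suppress duplicates; the integrity check takes effect at the destination, which is why the hop count stays outside the MAC.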

Fig. 2. Simulation environment (packet transmission between nodes)

Total Throughput:

Fig. 3. Throughput using AODV & DSR

Total overhead:

    [root@foss codes]# perl totaloverhead.pl -f dsrtracec.tr 2
    number of data packet 1193
    number of data routing 0
    Routing overhead is 0

Packet Delivery Ratio (PDR):

    [root@foss codes] # gawk packetdeliveryratio.awk amuthatracecbr.tr
    total no.of packet sent=3343
    total no. of packet recieved=3340
    Packet Delivery Ratio : 99.9103 %
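The awk and perl scripts invoked above are not reproduced on the page. As an added example (not the authors' scripts), this Python function computes the Section 5.3 metrics from a trace file. It assumes NS-2's old wireless trace layout with agent-level (AGT) and router-level (RTR) tracing enabled; the function name and the sample trace lines are constructed here.

```python
# Constructed sample in NS-2's old wireless trace layout. Only the first eight
# columns are read: event, time, _node_, layer, flags, packet id, type, size.
SAMPLE_TRACE = """\
s 1.000000 _0_ RTR --- 0 AODV 48 [constructed]
f 1.002000 _1_ RTR --- 0 AODV 48 [constructed]
s 1.004000 _2_ RTR --- 1 AODV 44 [constructed]
f 1.006000 _1_ RTR --- 1 AODV 44 [constructed]
s 2.000000 _0_ AGT --- 2 cbr 1024 [constructed]
f 2.004000 _1_ RTR --- 2 cbr 1044 [constructed]
r 2.010000 _2_ AGT --- 2 cbr 1024 [constructed]
s 2.100000 _0_ AGT --- 3 cbr 1024 [constructed]
r 2.112000 _2_ AGT --- 3 cbr 1024 [constructed]
s 2.200000 _0_ AGT --- 4 cbr 1024 [constructed]
D 2.203000 _1_ RTR NRTE 4 cbr 1044 [constructed]
s 2.300000 _0_ AGT --- 5 cbr 1024 [constructed]
r 2.314000 _2_ AGT --- 5 cbr 1024 [constructed]
s -t 3.000000 -Hs 0 -Nl AGT -It cbr (constructed new-format line, skipped)
M 0.0 nn 3 x 1500 y 300 rp constructed
"""

def routing_metrics(lines, routing_types=("AODV", "DSR"), until=None):
    """Return the Section 5.3 metrics for events with time <= until (all if None)."""
    sent, received, overhead = {}, {}, 0
    for line in lines:
        f = line.split()
        if len(f) < 8 or f[0] not in ("s", "r", "f", "D"):
            continue                      # not a packet event line
        try:
            t = float(f[1])
        except ValueError:
            continue                      # e.g. new trace format ("s -t ...")
        if until is not None and t > until:
            continue
        event, layer, pkt_id, ptype = f[0], f[3], f[5], f[6]
        if layer == "AGT" and ptype == "cbr":
            # Application-layer data: count each packet id once per direction.
            if event == "s":
                sent.setdefault(pkt_id, t)
            elif event == "r":
                received.setdefault(pkt_id, t)
        elif layer == "RTR" and ptype in routing_types and event in ("s", "f"):
            # Every transmission of a control packet, originated or forwarded.
            overhead += 1
    delays = [received[p] - sent[p] for p in received if p in sent]
    return {
        "sent": len(sent),
        "throughput": len(received),      # data packets received by time `until`
        "overhead": overhead,
        "pdr_percent": 100.0 * len(received) / len(sent) if sent else 0.0,
        "mean_latency": sum(delays) / len(delays) if delays else None,
    }

if __name__ == "__main__":
    print(routing_metrics(SAMPLE_TRACE.splitlines()))
```

Forwarded data packets (type cbr at RTR) are deliberately excluded from the overhead count, which matches the page's definition of overhead as routing (control) packets only.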

7. Conclusion

In this paper the analysis of ad hoc routing protocols is done for the above-mentioned mobility and traffic pattern at different pause times. We observed that when the pause time is set to 0, each of the routing protocols obtained around 97% to 99% for packet delivery ratio. DSR and AODV reached approximately 99% packet delivery ratio when the pause time is equal to 200. DSR performs well, having low end-to-end delay. When we compare the two protocols in the analyzed scenario, we found that the overall performance of DSR is better than that of other routing protocols. First we investigated the performance comparison of wireless ad hoc routing protocols. The proposed attack detection and routing algorithms are integrated into the existing routing protocols AODV and DSR. In AODV and DSR without security, the network performance is degraded. Adding extra bits for computation provides security, but complexity is increased. Further, we add security features to AODV and DSR to improve the routing performance.

References

[1] P. Papadimitratos and Z. Haas, "Securing the Internet routing infrastructure," IEEE Commun. Mag., vol. 40, no. 10, pp. 60-68, Oct. 2002.
[2] Ming Yu, Mengchu Zhou, and Wei Su, "A Secure Routing Protocol Against Byzantine Attacks for MANETs in Adversarial Environments," IEEE Transactions on Vehicular Technology, vol. 58, no. 1, Jan. 2009.
[3] Yih-Chun Hu, Adrian Perrig, and David B. Johnson, "Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols," WiSe 2003, September 19, 2003.
[4] Sudhir Agrawal, Sanjeev Jain, and Sanjeev Sharma, "A Survey of Routing Attacks and Security Measures in Mobile Ad-Hoc Networks," Journal of Computing, vol. 3, issue 1, January 2011, ISSN 2151-9617.
[5] Suman Deswal and Sukhbir Singh, "Implementation of Routing Security Aspects in AODV," International Journal of Computer Theory and Engineering, vol. 2, no. 1, February 2010.
[6] Mohammad O. Pervaiz, Mihaela Cardei, and Jie Wu, "Routing Security in Ad Hoc Wireless Networks," Network Security, Springer, 2005.
[7] Shabir Sofi, Eshan Malik, Rayees Baba, Hilal Baba, and Roohie Mir, "Analysis of Byzantine Attacks in Adhoc Networks and Their Mitigation," ICCIT 2012.
[8] Priyanka Goyal, Sahil Batra, and Ajit Singh, "A Literature Review of Security Attack in Mobile Adhoc Networks," International Journal of Computer Applications (0975-8887), vol. 9, no. 12, November 2010.
[9] D. Johnson and D. Maltz, "Dynamic Source Routing in Ad Hoc Wireless Networks," Mobile Computing, T. Imielinski and H. Korth, Eds., pp. 153-81. Kluwer, 1996.
[10] [Online]. Available: http://www.isi.edu/nsnam/ns/

Authors Biography

Dr. Kannan Balasubramanian received the Ph.D. degree in Computer Science from the University of California, Los Angeles, the M.Tech degree in Computer Science and Engineering from IIT Bombay, India, and his M.Sc. (Tech) degree in Computer Science from BITS, Pilani, India. He is a Professor at Mepco Schlenk Engineering College, Sivakasi, India. His research interests include network security, network protocols, applications and performance.

S. Amutha received her M.E. from Mepco Schlenk Engineering College, Sivakasi. She completed her B.E. at Arulmigu Kalasalingam College of Engineering, Krishnankoil. She is an Assistant Professor (Sr. Gr.) at P.S.R Engineering College. Her research interest is the analysis of secure variants of routing protocols in wireless ad hoc networks.
