Gateway Selection Scheme For Integration Of Manet Computer Science Essay

Published: November 9, 2015 Words: 4395

A lot of research has been carried out in the field of integrating MANET with the Internet. The main challenges in this integration can be grouped into four categories: addressing, routing, gateway and mobility issues. Of these, the Gateway has attracted the attention of most researchers, as it serves as a liaison between the mobile node in the MANET and the fixed node in the Internet. This paper focuses on a secure hybrid Gateway selection scheme. Several Gateway selection schemes have been proposed that use a single metric such as hop count, residual energy or link capacity, or multiple metrics such as the combination of gateway node speed, Euclidean distance between the Gateway and MANET nodes, and residual capacity of the path. None of these schemes guarantees that the path the Mobile Node establishes with the Gateway is the best one, as the path may be congested or may include selfish or malicious nodes. To overcome this situation and provide end-to-end security, it is necessary to select a Gateway that can be reached via trusted nodes and an uncongested route. In this paper, we propose a Gateway Management scheme that uses a normalized security metric built from multiple security parameters, namely node trust, route trust and residual route load capacity, to select a potential Gateway node. The estimation of this normalized security metric and the Gateway selection based on it are presented in this paper.

Keywords- Gateway Management, normalized security metric, hybrid Gateway discovery.

INTRODUCTION

Mobile Ad Hoc Network (MANET) [1] is a wireless network that is created dynamically without the need of any existing network infrastructure or centralized administration. The most important features of these networks are easy deployment and self configurability. However, MANET's communication is limited to the ad hoc domain only. Many applications may need a connection to an external network such as Internet or LAN to facilitate the users with the resources provided by the external network. For such a scenario, integration of the MANET with the external infrastructure networks like Internet is required. Early work in this field focused on Mobile IPv4 and IPv6 ([2], [3]). These solutions provided Internet access by using tunneling and Mobile IP registration with foreign agent care-of-address. Therefore, in order to access the Internet, the mobile nodes need to register with a foreign agent and tunnel all the packets destined to the Internet to the foreign agent just registered. This foreign agent decapsulates the packets and forwards them to the intended destination. AODV protocol [4] was used to route packets between mobile nodes and foreign agents within the MANET. As the interest for Mobile IP decreased, the focus on Internet access research diverted to solutions that were not based on Mobile IP.

Therefore, today's research in the field of integrating MANETs with the Internet largely focuses on a Gateway [5], which has both a wired and a wireless interface. The main challenge in this direction stems from the need for the Gateway to inform the mobile nodes about its presence while making minimal use of the scarce network resources. An efficient Gateway management scheme is therefore necessary for these heterogeneous networks. Due to the multi-hop nature of MANET, a mobile node might have several reachable Gateways to connect to the Internet. In such a case, the mobile node has to decide which one of these reachable Gateways is the optimal one for its connection. The various Gateway selection metrics used in the current research in this field have been surveyed in the literature.

MOTIVATION OF THE RESEARCH

There are several issues involved in the seamless integration of the MANET with infrastructure networks like the Internet. One of the proposed solutions to the integration is the notion of a gateway, which has two interfaces [5]. The one connected to the Internet is configured so that normal IP routing mechanisms can be used when packets come in and/or out of the MANET, while the interface connected to the MANET uses the AODV+ protocol [5] to route packets within the MANET. Next, a mobile node ought to choose an optimal Gateway discovery mechanism to connect to the external network. Gateway discovery mechanisms are either pro-active or reactive. The pro-active mechanism [5] involves periodic Gateway Advertisement (GWADV) broadcasts by the Gateway (GW), which minimizes the delay in finding the Gateway. The reactive mechanism [5] involves Gateway Solicitation (GWSOL) messages forwarded by MANET nodes on demand, which minimizes the control packet overhead of discovering the Gateway. To minimize the disadvantages of proactive and reactive gateway discovery, the two approaches can be combined. This results in a hybrid proactive/reactive method [5] for gateway discovery. For mobile nodes in a certain range around a gateway, proactive gateway discovery is used. Mobile nodes residing outside this range use reactive gateway discovery to obtain information about the gateway. By employing a pro-active, reactive or hybrid mechanism, the intended connection to the fixed node in the Internet is established through the selected GW. This GW selection doesn't guarantee that the chosen path is the best: the path may be congested, may include malicious nodes that drop the packets they route, or may include selfish nodes that do not forward packets for their neighbours but use their neighbours to forward their own packets. The source node may be unaware of these situations.

These issues drive us to develop a lightweight mechanism that identifies these misbehaviors of the nodes in the MANET and also ensures legitimate Gateway candidate selection. Analysing and addressing the various security issues in the path established from a mobile node to the intended gateway, by monitoring and controlling the activity of the malicious nodes in the integrated network, forms the motivation of the research.

The remainder of the paper is organized as follows: Existing literature, detailing the survey of the related works is presented in Section II. Section III describes the proposed Secured Gateway Management scheme touching upon the need for Trust in a network and the description of the terms node trust, route trust and residual route load capacity followed by the illustration of the Secure Gateway Management Algorithm. Section IV briefs the simulation environment along with the simulation parameters. Conclusion is provided in Section V.

REVIEW OF EXISTING LITERATURE

A wide body of existing research on Gateway Discovery mechanisms for integrating MANET with the Internet was reviewed as part of the literature survey. Hamidian et al. [6] proposed three methods of GW discovery, namely proactive, reactive and hybrid, using the modified AODV routing protocol. All these methods employed hop count as the only metric for GW selection.

Ammari et al. [7] proposed a hybrid selection scheme based on the weighted sum of the Euclidean distance between MANET nodes and mobile gateways, and the load of mobile gateways (number of MANET nodes currently registered with them).

Misra et al. [8] proposed the Complete Adaptive Gateway Discovery mechanism, which makes efficient use of periodic GW advertisements by limiting the advertisement flooding area and by making the interval between periodic advertisements dependent on mobility and topological changes.

Fu et al. [9] proposed a multi-metric GW discovery mechanism in which physical hops, congestion level and contention level of the route are combined into one single metric. With this discovery mechanism, flows can be diverted away from congestion and contention-prone areas, thus avoiding further build-up of traffic load in these areas.

Bouk and Sasae [10] proposed a multiple end-to-end QoS metric GW selection scheme using route availability period, route capacity and route latency to select a potential gateway node. An overall QoS value of the route is computed from these metrics, and the GW that is accessed through the route with the maximum overall QoS value is selected as the GW.

Yuste et al. [11] proposed an adaptive GW discovery mechanism that reduces the flooding process of GW advertisement by dynamically adjusting the interval of emission of these messages to the need for updated routes to the gateway. Since short routes need to be updated later, the adjustment is based on the estimation of the number of short routes that the nodes keep to the Internet Gateway by the mathematical characterization of the spatial distribution of the MANET nodes.

Few works exist in the literature in this field that employed security by incorporating hop-to-hop authentication schemes in Mobile IP. Sidhani et al. [12] proposed a secure integration between MANET and Mobile IPv6 based on shared-key cryptography. This secure integration scheme is based on coupling the authentication procedure performed by the visiting nodes with the Mobile IP v6 (MIPv6 or simply MIP).

Ramanarayana et al. [13] proposed a secure routing scheme using Identity Based Cryptography (IBC) as the underlying cryptographic tool for public key-private key setup and pair-wise shared key setup among the participating nodes to promote security in the integrated network.

The literature survey shows that most of the existing work considers Gateway-centric issues with less focus on ambient route conditions. Malicious or selfish nodes may also be present in the path to the GW and may drop the packets intended for the fixed node in the Internet through the GW; none of these GW discovery schemes considers them at all. This creates a need to derive a secure metric for Gateway selection, which drove the work proposed here.

PROPOSED SECURE GATEWAY SELECTION SCHEME

A simple scenario showing the integration of the MANET and the Internet in the presence of malicious nodes in the path is shown in Fig. 1. The mobile node A is communicating via multi-hop to the Internet through the current gateway node. As can be seen from the figure, several malicious nodes may be present in the path to the GW, and the path may also be congested, which may produce a false sense of malicious activity in the network.

Thus, the aim of the paper is first to propose a Secure Gateway selection scheme that selects the potential GW candidate node in the integrated network and thereafter to ensure end-to-end security in the integrated network. The proposed solution takes into consideration multiple security metrics, namely node trust, route trust and residual route load capacity, besides the hop count metric, to ensure tight security in the integrated network.

Fig. 1: A scenario depicting the integrating of MANET with internet in the presence of malicious node in the path

NEED FOR TRUST

Trust is a software entity. Trust and security are related terms. Using trust, tight security can be established in the network. However, establishing trust in MANET still remains a challenging issue [14]. By determining the trust relationship with a neighbouring node, a node can more easily take proper security measures and make correct decisions. Trust can be computed directly, based on the past behaviour of the node, or indirectly, from the recommendation of some trusted parties. Trust is not a constant value; it changes dynamically over time. The ubiquitous characteristics of MANETs also affect the trust value of the nodes. Parameters such as packet forwarding, packet dropping and the number of times a node has acted as a destination, source or forwarding node define the monitoring actions in a network from which the trust value of a node can be derived. A node is said to be selfish or malicious if its behaviour deviates from normal. The difference between the actual and the expected behaviour gives the trust value of a node.

In order to ensure end-to-end security, the metrics to be employed should not only consider a node's present/past behaviour that defines the trust but should also give information on the ambient route conditions ensuring that a node is not falsely sensed malicious. So, in addition to node trust, route trust, which is a node's measure of reliability with which a packet can reach the destination and residual route load capacity, which is the minimum available capacity at any node of the route, are used.

GATEWAY SELECTION PARAMETERS

As briefed in the previous section, the GW selection parameters employed in this work are a combination of the residual route load capacity, node trust and route trust. Selecting the GW by this method ensures that malicious or selfish nodes are isolated from participating in the network. Even though a combination of node trust and route trust would affirm this, a node may sometimes appear to act maliciously because network resources are unavailable. This could be misjudged as malicious activity; therefore, to prevent such false detections, a third parameter called residual route load capacity is introduced as a GW selection parameter. Each of the three selection parameters is discussed in detail below:

Residual Route Load Capacity

In a multi-hop MANET, nodes that are common to several routes may become overloaded with traffic, which increases delay and packet loss. Such a node may even drop the packets it receives. This may give its neighbour the illusion that the node is behaving maliciously. To avoid this false sense of malicious behaviour, the source mobile node should select a route to the GW with maximal available load capacity. The residual route load capacity [10] of a route is the minimum load capacity at any node in the route, including the intermediate nodes and the GW nodes. Suppose that the maximum load capacity of a node $m$ is $\mu$ and the current traffic load handled by $m$ is $\lambda_m$; then the residual load capacity $c_m$ at node $m$ is computed as:

$$c_m = \mu - \lambda_m, \quad \text{where} \quad \lambda_m = \sum_{j=0}^{s} r_j k_j$$

Here, $\lambda_m$ is the current traffic load on node $m$, which is relaying traffic from $s$ traffic sources, and $r_j$ and $k_j$ denote the average packet arrival rate and average packet size of the traffic from source $j$, respectively. The overall residual load capacity $C_i$ of route $i$ is computed as:

$$C_i = \min_j \{c_j\}$$

where $j$ ranges over the nodes in the route, including the gateway node.

Route Trust and Node trust

In order to maintain the (dynamically changing) node trust, a new data structure called neighbour table [14] (Fig. 2) is introduced in each node of the network in addition to the routing table already present. The node trust is calculated by the collective opinion of the node's neighbour and the resultant value is placed in the trust value field of the neighbour table.

Neighbour_ID | Trust Value

Fig 2: Neighbour Table

Dest. | Seq# | Rid | Next Hop | Hop Count | ATV | RSV

Fig. 3: Extended Route Table

The Routing table is to be extended with new fields to accommodate the route trust values. This new structure is called extended route table (Fig. 3). In Fig. 3, the illustration of the terms used is as below:

ATV is the Advertised Route Trust Value. It is the trust a downstream neighbour has on the route as advertised by it.

OTV is the Observed Route Trust Value. It refers to the route trust computed by the node itself based on the information in R_ACK message transmitted by the destination to the source periodically.

Rid is the Route ID. It is a unique number given by a node for each route from it to the destination.

RSV is the Route Selection Value. This is used as a metric in selecting one of the many available routes to GW.

For a given destination, the extended routing table stores all routes with the highest DSN. Each route is identified by a unique Rid and is stored together with its route trust value as advertised by the node (ATV) and the computed RSV.

For convenience, let us assume that Node S is the source node and Node D is the destination node. Let Node X stand for the node under consideration. Let Node P refer to the immediate upstream neighbour of node X. Let Node N stand for the immediate downstream neighbour of node X.

In order to propagate the route trust in this hybrid network, the GWADV message, that is, RREP_I (Fig 4), is to be extended with extra fields. This structure is called the Extended RREP_I packet with fields to accommodate the route trust and recommender node's ID. For every such packet forwarded, the intermediate node increments the hop count by one and caches the trust value present in this packet to its extended routing table. If this node has computed its own trust on the route, it updates the route trust value and adds its own ID in the RREP_I packet.

Type | R | A | I | Reserved | Prefix SZ | Hop count | RREQ_ID | DESTINATION IP ADDRESS | DESTINATION SEQUENCE NUMBER | ORIGINATOR IP ADDRESS | ORIGINATOR SEQUENCE NUMBER | Recommender ID | Route Trust | Ci

Fig. 4: Extended RREP_I packet

Type | Originator ID (Destination Node) | Destination ID (Originator ID) | No. Of packets received | Timestamp

Fig. 5: R_ACK Packet

After establishing the route, in order to be updated with the ambient route conditions, the R_ACK (Fig. 5) packet is introduced in the network. This is the modified version of RREP_ACK packet with the type value set to 4 and is transmitted periodically on an agreed upon interval between the source and destination. This R_ACK is the report packet that is initiated by the destination to inform the source and also the other intermediate nodes of the number of packets it has received from the intended source since the last transmission of R_ACK.

2.1.1. Propagation of Node Trust and Route Trust

Initially, when a network is set up, a node doesn't have any information about the trustworthiness of its neighbours; that is to say, a neighbour can be neither fully trusted nor fully distrusted. So all nodes have a 50% initial node trust [14] that remains unchanged for a time tinit. The route trusts are also initially unknown. AODV+ is employed for routing in this integrated network, and the route trust is computed as the ratio of the number of packets received at the destination to the number of packets forwarded by the node under consideration. Node trust is computed based on the difference between the node's ATV to the destination and the OTV computed for the current data transfer.

When a node X forwards or generates a GWADV (RREP_I), X advertises its trust on the route under consideration to its immediate upstream node P [14]. Node P caches this route trust value as the ATV of node X on that route and compares it with the OTV. The node X receives an incentive on its OTV if the OTV is within an admissible range of ATV. Otherwise, its OTV on the node X is decreased by node P. The percentage of increase or decrease in the OTV is inversely proportional to the node's distance from the destination: the farther a node is from the destination, the less information it has on the downstream node's behavior.

A node is said to be advertising inaccurate route trust values when its ATV on a route is not within a tolerance limit of OTV [14]. If a node X repeatedly advertises inaccurate route trust values, the value of node trust for that node maintained by its immediate upstream neighbor, say P, decreases. After it falls below rthresh, P promiscuously monitors X. If P observes that node X is maliciously dropping packets, then P isolates X by not forwarding any packets through X. Node P then invokes the local repair mechanism to find the alternate route to reach the GW. In addition, P broadcasts X's malicious behavior using some known security mechanisms. Each node receiving this broadcast can independently decide whether to label X as malicious. The flagged malicious node X would remain isolated by node P for time tmal. After tmal, the node X is treated as a new node in the network. If node P fails to find an alternate path then it would send the RERR message to its immediate upstream node (say Pp) on that route. Then node Pp tries to find an alternate route to the destination using the local repair mechanism.
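The check node P performs on a neighbour, as an added sketch that is not code from the paper: it takes the ATV/OTV comparison to drive the node trust P keeps for X, and the tolerance, step size, threshold and isolation time are assumed values because the page names rthresh and tmal without giving numbers. The R_ACK intervals are constructed sample data.

```python
from dataclasses import dataclass

# The page names the 50% initial trust, r_thresh and t_mal but gives no numbers
# for the tolerance, the step size, r_thresh or t_mal: these values are assumed.
INITIAL_TRUST = 0.5
TOLERANCE = 0.10   # admissible |ATV - OTV|
BASE_STEP = 0.20   # trust change for a node one hop from the destination
R_THRESH = 0.25    # below this, P starts promiscuous monitoring
T_MAL = 60.0       # seconds a flagged node stays isolated


@dataclass
class NeighbourEntry:
    """Row of P's neighbour table, extended with monitoring state."""
    neighbour_id: str
    trust: float = INITIAL_TRUST
    monitored: bool = False
    isolated_until: float = 0.0


def observed_route_trust(received_at_dest, forwarded):
    """OTV = packets the destination reports in R_ACK / packets forwarded."""
    if forwarded <= 0:
        raise ValueError("nothing forwarded in this R_ACK interval")
    return min(1.0, received_at_dest / forwarded)


def judge_advert(entry, atv, otv, hops_to_dest):
    """Update P's trust in a neighbour; return 'ok', 'penalised' or 'monitor'."""
    # Nodes far from the destination know less, so their verdict moves trust less.
    step = BASE_STEP / max(1, hops_to_dest)
    if abs(atv - otv) <= TOLERANCE:
        entry.trust = min(1.0, entry.trust + step)
        return "ok"
    entry.trust = max(0.0, entry.trust - step)
    if entry.trust < R_THRESH:
        entry.monitored = True
        return "monitor"
    return "penalised"


def isolate(entry, now):
    """Called once promiscuous monitoring confirms malicious dropping."""
    entry.isolated_until = now + T_MAL


def usable(entry, now):
    """May P forward through this neighbour? Resets the entry once t_mal ends."""
    if now < entry.isolated_until:
        return False
    if entry.isolated_until:
        # After t_mal the node is treated as a new node in the network.
        entry.trust, entry.monitored, entry.isolated_until = INITIAL_TRUST, False, 0.0
    return True


def replay(entry, intervals, hops_to_dest):
    """intervals: (ATV advertised, packets forwarded, packets in R_ACK)."""
    return [judge_advert(entry, atv, observed_route_trust(rx, fwd), hops_to_dest)
            for atv, fwd, rx in intervals]


# Constructed sample: X keeps advertising 0.9 while only ~40% arrives; Y is honest.
X_INTERVALS = [(0.9, 100, 40), (0.9, 100, 38), (0.9, 100, 41)]
Y_INTERVALS = [(0.9, 100, 88), (0.9, 100, 91), (0.9, 100, 86)]

if __name__ == "__main__":
    x, y = NeighbourEntry("X"), NeighbourEntry("Y")
    print("X:", replay(x, X_INTERVALS, 2), round(x.trust, 2))
    print("Y:", replay(y, Y_INTERVALS, 2), round(y.trust, 2))
```

With these assumed values, three consecutive inaccurate advertisements push X below the threshold, while the honest neighbour Y gains trust over the same intervals.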

Computation of Route Selection Value

Before sending a GWADV (RREP_I) message in reply to the GWSOL sent by an MN, a gateway node calculates its parameters Route Trust Ri and Residual Route load capacity Cg (Ci=Cg). In the next step, the gateway node writes these parameters into the RREP_I message and broadcasts it in a proactive region of the MANET by using the TTL (time to live) value. When a mobile node receives a GWADV message, it computes its own parameters of route trust Ri and residual route load capacity Cu. The intermediate MN then compares its residual route load capacity with the one that arrived from its downstream neighbour and assigns the minimum of the compared values to Ci.

The MN may get several RREP_I packets in response to its GWSOL packet to GW. The route selection criterion is dependent on node trust on the immediate downstream neighbour N that recommended the route, and on the route trust node N has on the sought route. The route selection criterion is inversely proportional to the number of hops in the route. A source node calculates the Route Selection Value (RSV) [14] for all its available routes to the GW and it finally chooses the route which has the highest RSV. The symbols used in the normalized metric are briefed in the table below:

Table 1: Conventions used in calculating RSV

| Symbol | Meaning |
|---|---|
| Tind | Trust on the individual neighbour (Node Trust) |
| Tavg | Average of the trusts of all the neighbours that forwarded/generated RREP_I |
| RTind | Trust the individual neighbour has on the Route (Route Trust) |
| RTavg | Average of all the Route Trusts obtained from individual nodes which forwarded/generated the RREP_I |
| Hind | Number of hops in the route proposed by the individual node in its RREP_I |
| Havg | Average of all Hind values obtained from individual neighbours which forwarded the RREP_I |
| Cind | Residual route load capacity of the nodes in the route including the GW node |
| Cmax | Maximum residual route load capacity |

Now the calculation of RSV is normalized as shown:

RSV= α1 (Tind/ Tavg) + α2 (RTind/RTavg)+ α3 (Havg/Hind)+ α4 (Cind/Cmax)

where α1, α2, α3, α4 are the weights assigned to node trust, route trust, number of hops, and residual route load capacity respectively. The values of α1, α2, α3, α4 lie between 0 and 1 and satisfy the condition α1+ α2 + α3+ α4= 1. This gives the network administrator the freedom to choose these weights based on the deployment environment. If the network is intended for highly secure data, like in a military scenario, then the values of α1, α2 and α3 should be much higher than the value of α. That is to say that more importance needs to be given to the route trust and node trust than to the route length.

In a MANET, due to the dynamic topology, the overall route capacity or security of the network increases or decreases at random. It is therefore necessary to propagate these varying route conditions to the source node, with the intermediate nodes updating their status. By this method, a potential and secure GW selection can be achieved and end-to-end security maintained, thereby ensuring a Secure GW management scheme.
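The residual-capacity and RSV formulas applied to three candidate routes, as an added example that is not code from the paper: the `Advert` record and its field names are hypothetical, the route data is constructed, and Cmax is assumed to be the largest residual capacity among the candidate routes. It compares a security-weighted setting with a hop-count-dominated one.

```python
from dataclasses import dataclass
from statistics import mean


@dataclass
class Advert:
    """One RREP_I as seen by the mobile node (field names are assumptions)."""
    gateway: str
    neighbour: str      # downstream neighbour N that forwarded the RREP_I
    node_trust: float   # T_ind, from the MN's neighbour table
    route_trust: float  # RT_ind, carried in the RREP_I
    hops: int           # H_ind
    nodes: list         # per node on the route: (mu, [(r_j, k_j), ...])


def residual_capacity(mu, flows):
    """c_m = mu - lambda_m, with lambda_m = sum of r_j * k_j over relayed flows."""
    return mu - sum(r * k for r, k in flows)


def route_capacity(nodes):
    """C_i = min c_j over every node on the route, gateway included."""
    return min(residual_capacity(mu, flows) for mu, flows in nodes)


def rank_routes(adverts, weights):
    """Return [(RSV, advert)] sorted best first."""
    a1, a2, a3, a4 = weights
    if any(not 0 <= w <= 1 for w in weights) or abs(sum(weights) - 1) > 1e-9:
        raise ValueError("weights must lie in [0, 1] and sum to 1")
    if not adverts or any(a.hops < 1 for a in adverts):
        raise ValueError("need at least one RREP_I, each with hops >= 1")
    # An overloaded node yields a negative c_m; treat it as no spare capacity.
    caps = [max(0, route_capacity(a.nodes)) for a in adverts]
    t_avg = mean(a.node_trust for a in adverts)
    rt_avg = mean(a.route_trust for a in adverts)
    h_avg = mean(a.hops for a in adverts)
    c_max = max(caps)  # assumption: C_max is the best capacity among candidates
    scored = []
    for a, c in zip(adverts, caps):
        rsv = (a1 * (a.node_trust / t_avg if t_avg else 0.0)
               + a2 * (a.route_trust / rt_avg if rt_avg else 0.0)
               + a3 * (h_avg / a.hops)
               + a4 * (c / c_max if c_max else 0.0))
        scored.append((rsv, a))
    return sorted(scored, key=lambda pair: pair[0], reverse=True)


# Constructed sample: mu in bytes/s, r_j in packets/s, k_j in bytes/packet.
GW1_NODE = (200000, [(100, 512)])
GW2_NODE = (200000, [(80, 512)])
ROUTES = [
    # Shortest route, but through a neighbour the MN barely trusts.
    Advert("GW1", "N1", 0.2, 0.3, 2, [(100000, [(50, 512)]), GW1_NODE]),
    # Longest route, trusted and lightly loaded.
    Advert("GW2", "N2", 0.8, 0.9, 4, [(100000, [(40, 512)]),
                                      (100000, [(60, 512), (20, 256)]),
                                      (100000, [(30, 512)]), GW2_NODE]),
    # Trusted route whose first relay is close to saturation.
    Advert("GW1", "N3", 0.7, 0.8, 3, [(100000, [(150, 512), (40, 512)]),
                                      (100000, [(50, 512)]), GW1_NODE]),
]
SECURITY_WEIGHTS = (0.4, 0.4, 0.1, 0.1)
HOP_WEIGHTS = (0.1, 0.1, 0.7, 0.1)

if __name__ == "__main__":
    for name, w in (("security", SECURITY_WEIGHTS), ("hop count", HOP_WEIGHTS)):
        print(name, [(round(s, 3), a.gateway, a.neighbour)
                     for s, a in rank_routes(ROUTES, w)])
```

On this data the security-weighted setting selects GW2 through N2, while the hop-count-dominated setting selects the two-hop route through the low-trust neighbour N1.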

Gateway Discovery Algorithm

The algorithm describing the proposed work is presented below:

Broadcast GWSOL message to all nodes in the MANET

If (NODE_TYPE = GATEWAY_CANDIDATE) then
    Reply with metric information of Route trust (RTG), ATVG, Load Capacity (Ci=CG) to the first hop neighbour of the GW
Else
    Rebroadcast GWSOL message to all nodes, in the next hop and so on, till last hop
End If

For each intermediate node 'ind' from the GW to the MN do:
    Compute RTind and Cind
    // Ci carries the minimum residual capacity seen so far along the route
    If (Cind < Ci) then
        Ci = Cind
    Else
        Ci is left unchanged
    End If
    Update RTind, Ci in the RREP_I and send the packet to the upstream nodes of ind with the advertised RT value ATVind
    // each of the ind neighbour has a trust value maintained for it in the neighbour table called Tind
    If (ATVind ≈ Tind)
        Increase the Tind value for the neighbour ind and goto step:5
    Else
        i) Decrease the Tind value for the neighbour ind
        ii) If Tind ≥ Rthresh then
            Goto step:5
        iii) Else
            Monitor the neighbour ind promiscuously and if found acting maliciously isolate it from the network till time tmal
        iv) End if
    End If
End for

// The GWADV has now reached the source node that requested for it

The MN calculates the RSV from the node trust it has on its immediate downstream neighbor, Route trust and Residual Route load capacity values by employing the following equation:

The GW that is accessed through the route with the highest value of RSV is chosen for communication to the Internet.

Use hybrid GW discovery mechanism to advertise the presence of this newly elected GW by sending GWADV messages

SIMULATION ENVIRONMENT

A simple hybrid GW discovery scheme was simulated in NS2.33 in a simulation scenario of 15 mobile nodes, 2 gateways, 2 routers and 2 hosts in a topology of a rectangular area with 800 m length and 500 m width. The two gateways are placed on each side of the area; their x,y-coordinates in meters are (100,250) and (700,250). All simulations were run for 900 seconds of simulated time. Five of the 15 mobile nodes are constant bit rate traffic sources which are distributed randomly within the MANET.

To evaluate the proposed secure Gateway Selection scheme for the integration of MANET with internet, the proposed hybrid GW discovery scheme has to be simulated in NS2.33 and evaluated for performance using the following metrics:

Packet Delivery Ratio is the ratio of the number of packets delivered at the destination and the number of packets sent by the source.

Control Overhead is the ratio of the amount of control packets related transmissions to the amount of data transmissions. The amount is in Bytes. Both forwarded and transmitted packets are counted.

The attack success rate of an attacker is defined as the ratio of the number of times the attacker is selected to be a forwarding member over the number of times the GW discovery process is initiated.

CONCLUSION

A secure Gateway selection scheme for integration of MANET with the Internet is proposed in the paper. A Gateway discovery algorithm employing the proposed scheme was also outlined. As a future direction, the proposed work has to be incorporated into the simple integration scenario that was simulated, and the trust value has to be fine-tuned to suit the environment.