This thesis focuses on enhancing the security of the routing protocol against different attacks through a trust model. In mobile ad hoc networks (MANETs), nodes cooperate with each other in forwarding packets. Most routing protocols are primarily concerned with route efficiency rather than the security of the route, so a single misbehaving node can have a devastating effect on the performance of the entire network; the packet delivery ratio drops sharply in the presence of even a small number of malicious nodes. In a black hole attack, control packets are forged to deceive the source node: the attacker sets the hop count to the minimum value and the destination sequence number to the maximum possible value so that the source takes the forged route for the freshest one. Most existing work monitors the destination sequence number field of control packets to combat the black hole attack; if the attacker chooses a destination sequence number close to the one prevailing in the other nodes, the attack becomes difficult to identify. We instead use data forwarding behaviour to combat different attacks. In our technique, each node tracks the behaviour of other nodes by maintaining a record of successful transactions. Based on these transactions, the behaviour of each node is modelled and decisions are taken for future correspondence with other nodes. We improved the performance of the Ad hoc On-Demand Distance Vector (AODV) routing protocol, the most widely used routing protocol in MANETs, by including our trust model. Our approach works well against different attacks and considerably improves the packet delivery ratio. We implemented our model in NS-2; experiments show a marked improvement in packet delivery ratio with minimal added packet latency and routing overhead.
Acknowledgments
I would like to express my gratitude to Dr. Farrukh Aslam Khan and Jawad Hassan for the help that they extended to me during the course of this research project.
Table of Contents
Researcher's Submission
Trust Based Computation of Ad hoc on Demand Distance Vector (AODV) Routing Protocol for Mobile Adhoc Networks
Researcher's Declaration
Abstract
Acknowledgments
Table of Contents
Table of Figures
Chapter 1
Introduction
Chapter 2
Literature Review
2.1 Types of Attacks
2.2 Hiding Routing Information to avoid malicious Attacks
2.3 Cooperation of Nodes Fairness in Dynamic Ad hoc Networks Protocol
2.4 Mitigating Routing Misbehaviour through Packet Conservation Monitoring Algorithm (PCMA)
2.5 Trust Based Energy aware Reliable Reactive Protocol in MANET
2.6 Performance Analysis of ad hoc network under black hole attacks
2.7 Network Processor for establishing Security Agent in MANETS
2.8 Analyzing Control Packets to identify Malicious Nodes
2.9 Trust Models for Identifying Misbehaving Nodes
Chapter 3
Proposed Solution: Trust Based Computation for detection of node misbehaviour in Ad Hoc On-Demand Distance Vector (AODV) Routing Protocol
3.1 Design Requirement
3.2 Trust Value Components
3.3 Trust Values Computation
3.4 Impact of scaling factors on the Solution
3.5 Flow chart of Trust Based computation
3.6 Proposed Algorithm
3.7 Route Maintenance
3.8 Trust Distribution
Chapter 4:
Implementation and Results
4.1 Simulation Results
4.2 Simulation Metric
4.3 Results Evaluation
Chapter 5
Conclusion and Future Work
Table of Figures
Figure 2‑1 Working of AODV
Figure 2‑2 Layout of the network
Figure 3‑3 Trust Management Process in nodes
Figure 3‑4 Trust Distribution in the network
Figure 4‑5 Packet Delivery Ratio
Figure 4‑6 Packet Loss Ratio
Figure 4‑7 Average Latency
Figure 4‑8 Normalized Routing Overhead
Figure 5‑9 Hybrid System for Node Misbehaviour Detection
Chapter 1
Introduction
Wireless ad hoc networks consist of autonomous nodes that manage themselves. Because of this inherent trait, the topology of these networks changes very frequently. They have many beneficial applications, mostly in military and rescue operations, such as establishing communication among soldiers in a war zone or replacing the network of a flood-affected or otherwise disaster-struck area. Ad hoc networks are well suited to areas where it is not possible to set up a fixed infrastructure. Nodes use their neighbours to forward packets across the network. To facilitate this communication, nodes use routing protocols such as AODV (Ad hoc On-Demand Distance Vector), DSR (Dynamic Source Routing) and DSDV (Destination-Sequenced Distance-Vector). Each node acts not only as a host but also as a router, discovering paths and forwarding packets to a specific node in the network.
As wireless ad hoc networks do not contain any base station, they are open to a wide variety of attacks. One of these is the black hole attack. The node mounting the attack does not forward any data packets, so every packet routed through it is dropped. Such nodes exploit weaknesses of routing protocols such as AODV and DSR. During the route discovery process, all nodes participate in finding the path to the destination; a malicious node misleads the others by advertising false routing information, and the source node then sends all its packets towards the destination through the malicious node. If the malicious node is located near the source, it can push the packet delivery ratio of the network below 10%.
Forwarding data packets from a source node to a destination node has two phases: path acquisition and packet forwarding. In a grey hole attack, the malicious node behaves normally during path acquisition, but once the route is established it starts dropping data packets. This attack is also very common in mobile ad hoc networks.
The wormhole attack is a particularly severe attack on the routing functionality of a MANET: a malicious node captures packets from one part of the network and tunnels them to another malicious node, which replays them locally. These three attacks on mobile ad hoc networks, the black hole, grey hole and wormhole attacks, are the ones considered here as disruptions of the normal flow of traffic.
In a black hole attack, the malicious node responds to every route request (RREQ) it receives. It sends a route reply (RREP) to the source node claiming that the path to the destination passes through itself. To make this claim convincing, it sets the hop count to the minimum and the destination sequence number to the highest possible value; the source then takes this as the freshest route and replaces its previous routing entry with it. The black hole attack is among the most damaging attacks known against MANET routing.
In this study we modified the AODV routing protocol with a trust model to identify misbehaving nodes. To study the impact of a misbehaving node, we simulated the black hole attack in a wireless ad hoc network and evaluated the damage it causes. The simulations use NS-2 (Network Simulator version 2), which implements a large collection of network protocols, including a number of wireless ad hoc routing protocols, and allows many existing network topologies to be simulated. We modified the original AODV protocol to provide immunity against misbehaving nodes. We began by writing a new AODV variant in C++ to simulate the black hole attack. We then integrated trust-based computation among nodes to build a behaviour-based profile of each node in the network; based on this profile, malicious nodes are identified, and further procedures stop and isolate them from the rest of the network. As expected, the modified routing solution recovered the network throughput that had deteriorated considerably in the presence of malicious nodes: the packet delivery ratio rose to 91% in the presence of malicious nodes. The rest of the thesis is organised as follows. Chapter 2 reviews the literature. Chapter 3 presents the proposed solution. Chapter 4 describes the behaviour of the network under black hole attack and the simulation of the solution that counters its effects. Chapter 5 gives the conclusion and future work.
Chapter 2
Literature Review
This chapter gives a brief summary of the work carried out in the field of trust-based computation. Different algorithms and approaches are used to carry out trust-based computation; the trust-based variants of routing protocols that were studied are discussed here, after a short description of AODV itself.
AODV is a reactive routing protocol, meaning that a node establishes a route to another node only when it needs one. AODV has two phases: route establishment, and data forwarding with route maintenance. The protocol uses four control messages: Route Request (RREQ), Route Reply (RREP), Route Error (RERR) and Hello packets. Route acquisition is carried out with RREQ and RREP messages. When a node wants to communicate with another node, it broadcasts an RREQ to its neighbours, which propagate it to their own neighbours until it reaches the destination. Every intermediate node that forwards the RREQ records a reverse path towards the source. If an intermediate node already holds a sufficiently fresh route to the destination, it can answer the RREQ itself with an RREP; otherwise, provided the network is connected, the RREQ eventually reaches the destination, which generates an RREP. The RREP is unicast back along the reverse path, and each node it passes sets up the forward route to the destination; data packets then flow from source to destination along that route. Consider a network of five nodes A, B, C, D and E, where node A wants to send packets to node E. A first consults its routing table; if it has no entry for E, it broadcasts an RREQ. Each intermediate node receiving the RREQ checks the destination address and, if it has no route to E, rebroadcasts the request to its neighbours, so the request propagates across the network until it reaches E. Node E responds with a route reply to node A along the reverse path, which establishes the forward path.
When node A receives the RREP, it checks the freshness of the route by comparing the destination sequence number in the RREP with the destination sequence number of its existing routing table entry. If the RREP carries a higher sequence number (or, in AODV, the same sequence number with a smaller hop count), A replaces the old route with the new one and begins sending packets to the destination. In Figure 2.1, if node C had a route to node E, it could have replied to the route request generated by node A itself.
Figure 2‑1 Working of AODV
Types of Attacks
Different types of attacks are launched in MANETs to disrupt the normal flow of traffic, namely the black hole [1], grey hole and wormhole attacks.
In a black hole attack, the malicious node responds to every RREQ it receives. It sends an RREP to the source node, misleading it into believing that the path to the destination passes through the malicious node. For this purpose it sends the RREP with the minimum hop count and the highest destination sequence number; the source takes this as the freshest route and replaces its previous entry with it. The black hole attack is among the most damaging attacks known against MANET routing. If the malicious node is located near the source, it can push the packet delivery ratio of the network below 10%.
In a grey hole attack, the malicious node behaves normally while the route is being established, but afterwards starts dropping data packets. This attack is also very common in MANETs.
The wormhole attack is a particularly severe attack on MANETs. Multiple malicious nodes take part: they capture packets at one location in the network and tunnel them to another location. A considerable body of work exists on detecting black hole attacks in MANETs, which the rest of this chapter surveys; Chapter 3 then presents our own technique to counter them, a trust model built on the AODV protocol.
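To make the route selection rule and the forged-RREP trick concrete, here is an added example (my own illustration, not code from the thesis or from NS-2): a minimal AODV-style route discovery in Python with the RFC 3561 acceptance rule, a black hole node that answers every RREQ with the maximum sequence number and a hop count of 1, and a grey hole node that is honest during discovery but drops data. The six-node topology, node names and packet counts are constructed for the example; the same rule applies to any topology.

```python
from collections import deque

# Added example, not the thesis's NS-2 code. Topology, node names and
# packet counts are constructed for illustration.
MAX_SEQ = 0xFFFFFFFF  # AODV destination sequence numbers are 32-bit


class Node:
    def __init__(self, name):
        self.name = name
        self.black_hole = False   # forges RREPs and drops data
        self.grey_hole = False    # honest during discovery, drops data
        self.seq = 1              # own destination sequence number
        self.routes = {}          # dest -> (seq, hops, next_hop)

    def fresher(self, dest, seq, hops):
        """RFC 3561 section 6.2: accept a route if its destination
        sequence number is higher, or equal with a smaller hop count."""
        if dest not in self.routes:
            return True
        cur_seq, cur_hops, _ = self.routes[dest]
        return seq > cur_seq or (seq == cur_seq and hops < cur_hops)


def route_discovery(topology, nodes, src, dst):
    """Flood an RREQ from src. Each forwarding node remembers which hop
    the RREQ came from (its reverse path). A replier unicasts its RREP
    back along that path, and every node the RREP passes installs a
    forward route to dst if the RREP wins the freshness rule."""
    prev = {src: None}
    queue = deque([src])
    while queue:
        cur = queue.popleft()
        node = nodes[cur]
        if cur != src and (cur == dst or node.black_hole):
            # The real destination reports its own sequence number and
            # 0 hops; a black hole claims the maximum sequence number
            # and 1 hop so its RREP looks freshest and shortest.
            seq = MAX_SEQ if node.black_hole else node.seq
            hops = 1 if node.black_hole else 0
            hop, came_from = cur, cur
            while prev[hop] is not None:
                hop = prev[hop]
                hops += 1
                if nodes[hop].fresher(dst, seq, hops):
                    nodes[hop].routes[dst] = (seq, hops, came_from)
                came_from = hop
            if cur == dst:
                continue          # the destination does not re-flood
        for nb in topology[cur]:
            if nb not in prev:
                prev[nb] = cur
                queue.append(nb)
    return nodes[src].routes.get(dst)


def send(nodes, src, dst, count):
    """Forward count data packets hop by hop along the installed routes;
    returns how many reach dst."""
    delivered = 0
    for _ in range(count):
        cur = src
        while cur != dst:
            n = nodes[cur]
            if n.black_hole or n.grey_hole or dst not in n.routes:
                break             # packet dropped
            cur = n.routes[dst][2]
        else:
            delivered += 1
    return delivered


def packet_delivery_ratio(topology, nodes, src, dst, count=100):
    route_discovery(topology, nodes, src, dst)
    return send(nodes, src, dst, count) / count


# Constructed topology: chain A-B-C-D-E, with an extra node M next to A.
TOPO = {"A": ["B", "M"], "B": ["A", "C"], "C": ["B", "D"],
        "D": ["C", "E"], "E": ["D"], "M": ["A"]}


def make_nodes(attacker=None):
    """attacker: None, "black" (M forges RREPs) or "grey" (C drops data)."""
    nodes = {name: Node(name) for name in TOPO}
    if attacker == "black":
        nodes["M"].black_hole = True
    elif attacker == "grey":
        nodes["C"].grey_hole = True
    return nodes


if __name__ == "__main__":
    for attacker in (None, "black", "grey"):
        nodes = make_nodes(attacker)
        pdr = packet_delivery_ratio(TOPO, nodes, "A", "E")
        print(attacker, nodes["A"].routes["E"], "PDR =", pdr)
```

Running it prints the route node A installs for E and the resulting packet delivery ratio for the honest, black hole and grey hole cases (1.0, 0.0 and 0.0 with this topology). Two points stand out: the black hole wins even though the genuine RREP from E also reaches A, because AODV's freshness rule prefers the higher sequence number regardless of hop count; and the grey hole leaves no trace in any routing table, which is why a defence based on control packets alone cannot see it and why this thesis bases trust on data forwarding behaviour instead.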
Hiding Routing Information to avoid malicious Attacks
In [2], routing information is hidden from intermediate nodes; only the source and destination nodes have the complete information. Each node assigns a trust value to its neighbours. If the trust value of a neighbour is high, a short key is used to encrypt the routing information sent to it; if the trust value of a node is minimal, that node is not included in the discovered path. Three quantities are defined: a security level ranging from high to low, a trust factor ranging from 0 to 10, and a level of encryption ranging from high to low. Each node evaluates the behaviour of its neighbours and, based on their trust values, chooses how strongly to encrypt the routing information it hides from them.
Cooperation of Nodes Fairness in Dynamic Ad hoc Networks Protocol
In [3], the CONFIDANT protocol is proposed. It consists mainly of two components, a reputation system and a trust manager. The reputation system keeps track of the activities of a node's neighbours, maintains a log of the events observed and from it calculates the level of trust the node places in each neighbour; in other words, it monitors the neighbours' activities. The trust manager uses the reputation system's information to calculate trust values, which are updated periodically, and maintains a list of nodes to which it sends information about any misbehaving node. In this way the misbehaving node is punished and isolated from the network. Both the trust calculation and the routing decisions are based on the nodes' observed interactions with each other.
Mitigating Routing Misbehaviour through Packet Conservation Monitoring Algorithm (PCMA)
In [4], the authors propose the Packet Conservation Monitoring Algorithm (PCMA) to detect selfish nodes. To conserve energy, a selfish node does not forward any packet that is not intended for it: it inspects the destination address and discards every packet whose destination is not its own. The algorithm therefore keeps track of each node's forwarding transactions with its neighbours. One shortfall of the technique is that the paper does not define the mechanism by which a node that hands a packet to a neighbour learns whether the neighbour actually forwarded it onwards.
PCMA does not rely on any information sent by the suspected node. It relies entirely on the information sent and received by the suspect's surrounding neighbours to decide whether it is misbehaving. Each node maintains a transaction log for each of its neighbours with two counters: T(i, j), the number of packets node i sends directly to neighbour j for j to forward to a further node, and R(i, j), the number of packets node i receives from neighbour j that did not originate at j. For the set of nodes i that surround j, the sum of T(i, j) over i must equal the sum of R(i, j) over i if j forwards everything it is given.
Figure 2‑2 Layout of the network
Consider the scenario shown in Figure 2.2, in which the algorithm evaluates the behaviour of node 13. Suppose 50 packets are sent from node 6 to node 13, so T(6, 13) = 50, and that node 19 receives only 12 of them from node 13, so R(19, 13) = 12. Summing T(i, 13) and R(i, 13) over all neighbours i, the two sums differ, so the algorithm flags node 13 as malicious. The paper explains only the detection mechanism; the proposed algorithm does not stop the activities of the malicious node. A further problem is that if a node drops packets because of the inherent lossiness of ad hoc wireless links, there is a high chance it will be wrongly flagged as malicious. The authors also do not define the mechanism by which the transaction values are distributed among the neighbour nodes. Finally, every neighbour participates in evaluating a node's behaviour, whereas only the nodes that actually performed transactions with that node need be considered, which would reduce the calculation overhead. In Figure 2.2, one data path runs from node 6 to node 19 and the second from node 8 to node 17, so only these four nodes should be used to evaluate the behaviour of node 13.
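As an added example (not part of [4] or of this thesis), here is the conservation test in Python, applied to the Figure 2.2 scenario with constructed counts. It also implements the two refinements argued for above: only the neighbours that actually exchanged packets with the suspect are consulted, and a tolerance for ordinary wireless loss is allowed before a node is flagged, which the strict equality test lacks. The `tolerance` parameter and the `witnesses` filter are therefore my additions, not part of PCMA as published.

```python
# Added example, not code from [4] or from the thesis. T[i][j] is the
# number of packets neighbour i handed to j for onward forwarding; R[i][j]
# is the number of packets i received from j that did not originate at j.
# If j forwards everything, sum_i T[i][j] == sum_i R[i][j].


def witnesses(T, R, suspect):
    """Neighbours that actually exchanged packets with the suspect (sent to
    it for forwarding, or received forwarded packets from it). Only these
    take part in the evaluation, which cuts the calculation overhead."""
    gave = {i for i, log in T.items() if log.get(suspect, 0) > 0}
    got = {i for i, log in R.items() if log.get(suspect, 0) > 0}
    return sorted(gave | got)


def conservation_check(T, R, suspect, tolerance=0.0):
    """Return (packets_in, packets_out, drop_ratio, flagged).

    tolerance is the fraction of packets that may go missing through
    ordinary wireless loss before the suspect is flagged. With the strict
    equality test (tolerance=0.0) an honest node on a lossy link is
    wrongly flagged, which is the weakness pointed out in the text."""
    ids = witnesses(T, R, suspect)
    packets_in = sum(T.get(i, {}).get(suspect, 0) for i in ids)
    packets_out = sum(R.get(i, {}).get(suspect, 0) for i in ids)
    if packets_in == 0:
        return packets_in, packets_out, 0.0, False
    drop_ratio = max(0.0, (packets_in - packets_out) / packets_in)
    return packets_in, packets_out, drop_ratio, drop_ratio > tolerance


# Constructed logs for the two data paths through node 13 in Figure 2-2:
# 6 -> 13 -> 19 and 8 -> 13 -> 17. Node 21 is a neighbour that exchanged
# nothing with node 13 and must not take part.
T_LOG = {6: {13: 50}, 8: {13: 30}, 21: {13: 0}}
R_MISBEHAVING = {19: {13: 12}, 17: {13: 30}, 21: {13: 0}}
R_HONEST = {19: {13: 50}, 17: {13: 30}, 21: {13: 0}}
R_LOSSY = {19: {13: 48}, 17: {13: 29}, 21: {13: 0}}   # 3 of 80 lost in the air

if __name__ == "__main__":
    for name, R in (("misbehaving", R_MISBEHAVING), ("honest", R_HONEST),
                    ("lossy", R_LOSSY)):
        strict = conservation_check(T_LOG, R, 13)
        tolerant = conservation_check(T_LOG, R, 13, tolerance=0.1)
        print(name, witnesses(T_LOG, R, 13), strict, tolerant)
```

With the strict test, the lossy case (3 of 80 packets lost in the air) flags node 13 just as the misbehaving case does, while a 10% tolerance separates the two. Choosing that tolerance is the trade-off between missed grey holes and false accusations that the trust threshold of Chapter 3 is meant to tune.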
Trust Based Energy aware Reliable Reactive Protocol in MANET
In [5], the authors propose a trust-based system to conserve energy in ad hoc networks. Route discovery messages are sent only to trustworthy nodes, on the assumption that malicious nodes waste battery power by not forwarding packets to the intended recipients. A trust model is used to check the trustworthiness of nodes in the network.
Performance Analysis of ad hoc network under black hole attacks
In [6], different network scenarios are studied to measure the impact of the black hole attack on a MANET. The statistics given in the paper are helpful for thwarting black hole attacks in different network scenarios. The authors modify the route reply handling so that the first RREP received is discarded, on the assumption that it comes from a node behaving as a black hole. In a practical environment, however, it is difficult to decide whether the first route reply from any node is malicious.
Network Processor for establishing Security Agent in MANETS
In [7], a network processor (NP) is added to act as a security agent: a dedicated processor monitors the network behaviour. Network processors are designed for packet-processing tasks and use a parallel processing architecture for high throughput. Denial-of-service (DoS) attacks are very common against ad hoc networks, and the NP is used to provide protection against them. The security agent runs as a hardware thread in the NP. The agent calculates the trustworthiness of the neighbours by logging the RREQ and RREP message streams together with their key information; this information is then analysed by an intrusion detection algorithm.
Analyzing Control Packets to identify Malicious Nodes
In [8], the authors propose a solution based on the control-packet behaviour of the black hole attack; only the behaviour of control messages is monitored. In the modified AODV, every node waits for a predefined interval after receiving the first RREP, stores all the route replies received in that interval and compares their destination sequence numbers. If a reply's destination sequence number is abnormally high, the node that sent it is deemed malicious and no further control packets are sent to or forwarded for that node. The technique has two problems. First, every node has to wait longer than normal after receiving a route reply, so the average latency of control packets increases, which is undesirable. Second, if the attacker chooses a destination sequence number close to those in the other route replies, the system fails to identify the malicious node.
Trust Models for Identifying Misbehaving Nodes
In [9], a trust model is used to identify misbehaving nodes in both the DSR and the AODV routing protocols. Each node evaluates the behaviour of other nodes and uses the resulting trust value to characterise them. Instead of data packets, control packets are used to determine each node's transaction behaviour: to observe the behaviour of other nodes, each node sends a probe packet to the rest of the nodes in the network, which gives the knowledge of the sending node A about node B. The experience of other nodes is also used, and the behaviour of each node is evaluated from both knowledge and experience. If a node's value falls below a certain threshold, that node is identified as malicious, the other nodes in the network are informed of it, and each node then builds its routes avoiding the malicious node. In this way, the nodes collaborate to build a system resistant to malicious nodes. The model does not follow the data packet path; it is built on control packet behaviour, and each node sends additional packets to the other nodes in the network every second, so the overhead of these packets is large. The behaviour of each node can be monitored just as easily by following its data packet forwarding behaviour: once a node starts dropping data packets it can be identified, so there is no need to send additional packets to capture the behaviour of malicious nodes.
In [10], the authors discuss different trust models for use in a distributed environment. They explain vertical trust and horizontal trust and the impact of these trust values on the distributed environment.
In [11], two possible solutions for detecting black holes are presented. In the first approach, each source node uses two or more paths to decide on a secure route. The second method uses the control information of packets to decide on trustworthy routes: if the destination sequence number of a control packet is very high compared with the current destination sequence number, the packet is discarded.
In [12], a dynamic learning technique is used, with Euclidean distance to differentiate between normal and anomalous behaviour. First, feature selection is carried out; the features are then plotted in feature space and the Euclidean distance is calculated.
In [13], the black hole attack is simulated in the NS-2 environment using the AODV routing protocol, and the protocol is then modified to counter the attack. The modified AODV uses additional data structures to keep track of each packet sent: for each packet, the information is saved in a pending packet table, each packet is assigned a unique packet id, and packets stay in the pending table until a predefined expiry time, after which they are marked as failures. A second table, the rating table, holds for each neighbour the number of packets it forwarded and the number it dropped; these two values give the packet drop ratio. If the resulting rating falls below a predefined threshold, the node is marked as misbehaving, and misbehaving nodes are excluded from subsequent route discovery.
In [14], node misbehaviour is detected in two phases, applied to the DSR routing protocol. The first phase, called watchdog, monitors the behaviour of each node while it forwards packets in the network; based on the watchdog's analysis, the second phase, pathrater, selects data forwarding paths that avoid misbehaving nodes. Consider a path from node S to node D through the intermediate nodes A, B and C. Node A cannot transmit directly to node C, so when A has a packet for C it sends it to B, B sends it to C, and so on until it reaches D. The watchdog at each node maintains a buffer of recently sent packets. Each overheard packet is compared with the packets in the buffer; if a match is found, the buffered packet is removed, since it is assumed to have been forwarded to its intended recipient. If a packet remains in the buffer beyond a timeout, the watchdog treats it as a failure and increments the failure count of the node responsible for forwarding it. If the total number of failures exceeds a threshold, that node is deemed to be misbehaving. In the second phase, the pathrater chooses only reliable paths: each node checks the rating of its neighbours and, if a neighbour's reliability is low, does not forward packets to it but chooses another node instead, so the safest route is selected for packet forwarding. The watchdog mechanism does not work in the presence of ambiguous collisions, receiver collisions or limited transmission power; under these three conditions packets are lost and the node is unable to rate its neighbour's behaviour.
In [15], a trust model is used to model the routing behaviour of the network layer. Trust among nodes is represented by an opinion, a quantity derived from subjective logic. Opinions change over time and are updated periodically: for example, if a node that misbehaved starts behaving normally, the other nodes' opinion of it improves and it again becomes part of the network.
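An added illustration of the watchdog and pathrater mechanism of [14] as described above (my own simplified Python, not code from [14] or from this thesis). The packet ids, timings, timeout and failure threshold are constructed:

```python
# Added example, not code from [14] or from the thesis. Packet ids,
# timings, timeout and threshold are constructed.


class Watchdog:
    def __init__(self, timeout, threshold):
        self.timeout = timeout        # how long a retransmission may take
        self.threshold = threshold    # failures before a hop is flagged
        self.buffer = {}              # pkt_id -> (next_hop, deadline)
        self.failures = {}            # next_hop -> failure count

    def sent(self, pkt_id, next_hop, now):
        """We handed pkt_id to next_hop; expect to overhear it soon."""
        self.buffer[pkt_id] = (next_hop, now + self.timeout)

    def overheard(self, pkt_id):
        """Heard the next hop retransmit pkt_id: the packet was forwarded.
        Under collisions or reduced transmit power this overhearing can
        fail for an honest hop, so the threshold must tolerate some loss."""
        self.buffer.pop(pkt_id, None)

    def tick(self, now):
        """Expire overdue entries and count each as a failure of its hop."""
        for pkt_id, (hop, deadline) in list(self.buffer.items()):
            if now > deadline:
                del self.buffer[pkt_id]
                self.failures[hop] = self.failures.get(hop, 0) + 1

    def misbehaving(self, hop):
        return self.failures.get(hop, 0) >= self.threshold


def pathrater_choose(paths, watchdog):
    """Pathrater step: discard every path whose intermediate nodes include
    a hop the watchdog has flagged; return the shortest remaining path,
    or None if no clean path is left."""
    clean = [p for p in paths
             if not any(watchdog.misbehaving(n) for n in p[1:-1])]
    return min(clean, key=len) if clean else None


def scenario():
    """Constructed run: A hands B ten packets (one per time unit); B
    forwards only the first four. Returns (failures charged to B,
    B flagged?, path the pathrater then picks from two A-to-D paths)."""
    wd = Watchdog(timeout=2, threshold=5)
    for t in range(10):
        wd.sent(pkt_id=t, next_hop="B", now=t)
        if t < 4:
            wd.overheard(pkt_id=t)       # B retransmitted it
        wd.tick(now=t)
    wd.tick(now=100)                     # everything still buffered is overdue
    paths = [["A", "B", "C", "D"], ["A", "E", "F", "G", "D"]]
    return (wd.failures.get("B", 0), wd.misbehaving("B"),
            pathrater_choose(paths, wd))


if __name__ == "__main__":
    print(scenario())   # (6, True, ['A', 'E', 'F', 'G', 'D'])
```

The overhearing step is the weak point the text names: if a collision or reduced transmit power stops the node hearing an honest next hop's retransmission, the entry times out and the honest node is charged a failure, so the threshold has to absorb a few spurious failures per interval.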
Chapter 3
Proposed Solution: Trust Based Computation for detection of node misbehaviour in Ad Hoc On-Demand Distance Vector (AODV) Routing Protocol
In our proposed solution we make a small modification to the AODV protocol: every node must acknowledge the packets it receives, although not necessarily every single packet. A circular buffer maintains the record of outstanding acknowledgments; as the buffer is recycled, older entries that were never acknowledged are marked as failures, and these entries are used to update the trust metric accordingly. The modified AODV is compared with the original AODV already present among the NS-2 routing protocols.
Design Requirement
Our trust model meets the following requirements.
1) Dynamic trust computation: trust values are dynamic and change with every transaction. The parameters of our scheme are not fixed: scaling factors weight the observation and recommendation values according to the network and scenario. A minimum trust value, the threshold, is associated with each node; any node whose trust value falls below it is marked as malicious. The threshold can be adjusted to the security requirements of the network.
2) Distributed trust computation: trust computation is distributed across the network, with no centralised decision making. Because of its distributed nature, the trust model adapts well to the ad hoc network environment.
Trust Value Components
A minimum trust value, termed the threshold, is defined in the algorithm. Whenever a node wants to communicate with another node, it checks the trust value of that node, and communication takes place only if the value is above the threshold.
The following quantities are used to calculate trust. Suppose node A wants to communicate with node B; A computes the trust from the following components.
Trust(A->B): the amount of trust node A places in node B, calculated from two quantities, the direct observation and the recommendation value.
Observation(A->B): derived from the successful transactions between nodes A and B, as the fraction of A's packets to B that B acknowledged. For example, if node A has sent 1000 packets to node B and node B has acknowledged all of them, Observation(A->B) equals 1.
Recommendation(A->B): the average of the observation values that B's other neighbours hold of B. For example, if nodes C and D are neighbours of node B, Observation(C->B) is C's observation of B and Observation(D->B) is D's observation of B, and Recommendation(A->B) is the average of Observation(C->B) and Observation(D->B).
Alarm(A->B): node A has broadcast a packet to the network informing all nodes that node B is malicious.
Trust Values Computation:
T(A->B) is the level of trust node A has in node B. It is computed from the observation value and the recommendation value:
T(A->B) = W1*Observation(A->B) + W2*Recommendation(A->B)    if Observation(A->B) != 0
T(A->B) = W3*Recommendation(A->B)                            if Observation(A->B) = 0
W1, W2 and W3 are scaling factors that control the weight of each quantity in the trust computation. They can be adjusted to the requirements of different networks, which gives the model its flexibility.
Impact of scaling factors on the Solution
The examples below assume Observation(A->B) = 0.5 and Recommendation(A->B) = 0.60.
Case I: w1 ≈ 1, w2 ≈ 0. The trust value depends mainly on the observation value. For example, let w1 = 0.99 and w2 = 1 - w1 = 0.01; then
T(A->B) = W1*Observation(A->B) + W2*Recommendation(A->B) = 0.99*0.5 + 0.01*0.60 = 0.501
Case II: w1 ≈ w2. The trust value tends towards the average of the observation value and the recommendation value. For example, let w1 = 0.51 and w2 = 1 - w1 = 0.49; then
T(A->B) = 0.51*0.5 + 0.49*0.60 = 0.549
Case III: w3 = 1. If Observation(A->B) = 0, the trust value equals the recommendation value:
T(A->B) = 1*0.60 = 0.60
Flow chart of Trust Based computation
Every node runs the trust management process. When route initialisation starts, a node checks whether it holds a trust record for the node concerned. If no record is found, the minimum trust value is assigned and is updated as transactions with that node take place. If a record is found, its value is compared with the threshold: if it is at or above the threshold, normal communication takes place; if it is below the threshold, the node is marked as untrustworthy. How often trust is recomputed depends on the amount of traffic in the network: with heavy traffic the trust value should be recalculated frequently, with light traffic infrequently. The recalculation interval is therefore tied to the traffic volume and is a configurable parameter.
Figure 3-3 Trust Management Process in Nodes
Proposed Algorithm
/* Pseudo Code */
Begin
    /* compute T(A->B) according to the trust formula */
    If (Observation(A->B) != 0)
        T(A->B) = W1*Observation(A->B) + W2*Recommendation(A->B)
    Else
        T(A->B) = W3*Recommendation(A->B)

    If (T(A->B) >= Threshold)
    {
        Allow Communication
        Return
    }
    Else
    {
        Stop sending packets to B
        Reinitialize Route Discovery
        Send Alarm(A->B)    /* tell other nodes that B is malicious */
    }
End
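The trust formula, the three scaling-factor cases and the decision procedure above, implemented as a small simulation. This is an added example and not the thesis's NS-2/AODV code. Assumptions that the thesis does not state are marked in the code: Observation(A->B) is taken to be the fraction of A's transactions with B that succeeded, a neighbour with no record receives the minimum trust value and is allowed to transact so that a record can be built, and the weights, threshold and minimum value are illustrative.

```python
"""Trust computation and forwarding decision of Section 3 (added example; not the
thesis's NS-2/AODV code).  Assumed, not from the thesis: Observation(A->B) is the
fraction of A's transactions with B that succeeded; a neighbour with no record is
given MIN_TRUST and allowed to transact so that a record can be built; the weights,
threshold and minimum value are illustrative."""
from dataclasses import dataclass, field

W1, W2, W3 = 0.51, 0.49, 1.0   # scaling factors (the Case II values from the text)
THRESHOLD = 0.5                # assumed threshold; the thesis leaves it configurable
MIN_TRUST = 0.0                # assumed "minimum trust value" for an unknown node


def compute_trust(observation, recommendation, w1=W1, w2=W2, w3=W3):
    """T(A->B) as defined in Section 3: the weighted sum when A has observed B,
    otherwise W3 times the recommendation alone."""
    if observation == 0:
        return w3 * recommendation
    return w1 * observation + w2 * recommendation


@dataclass
class Record:
    """What node A keeps about one neighbour B."""
    success: int = 0             # transactions B completed for A (assumption: forwarded packets A saw acknowledged)
    total: int = 0
    recommendation: float = 0.0  # value received from other nodes about B

    def observation(self):
        # 0 when nothing has been observed yet.  Note that the formula treats a
        # neighbour that dropped everything (0 of n) in exactly the same way.
        return self.success / self.total if self.total else 0.0


@dataclass
class TrustTable:
    records: dict = field(default_factory=dict)
    alarms: list = field(default_factory=list)   # neighbours this node has reported as malicious

    def record_transaction(self, node, ok):
        r = self.records.setdefault(node, Record())
        r.total += 1
        r.success += int(ok)

    def set_recommendation(self, node, value):
        self.records.setdefault(node, Record()).recommendation = value

    def trust(self, node):
        r = self.records.get(node)
        if r is None:
            return MIN_TRUST
        return compute_trust(r.observation(), r.recommendation)

    def decide(self, node, threshold=THRESHOLD):
        """'allow' or 'reroute', following the flow chart: an unknown node gets
        MIN_TRUST and a fresh record (assumed: communication proceeds so the record
        can fill); a known node is allowed only if T >= threshold, otherwise the
        route is rebuilt without it and an alarm is raised."""
        if node not in self.records:
            self.records[node] = Record()
            return "allow"
        if self.trust(node) >= threshold:
            return "allow"
        if node not in self.alarms:
            self.alarms.append(node)
        return "reroute"


def run_scenario():
    """Constructed scenario: A has dealt with an honest neighbour B (8 of 10
    transactions succeeded), a black hole M (1 of 10) and an unknown node N."""
    table = TrustTable()
    for ok in [True] * 8 + [False] * 2:
        table.record_transaction("B", ok)
    table.set_recommendation("B", 0.60)
    for ok in [True] + [False] * 9:
        table.record_transaction("M", ok)
    table.set_recommendation("M", 0.20)
    decisions = {n: table.decide(n) for n in ("B", "M", "N")}
    return decisions, table


if __name__ == "__main__":
    # The three scaling-factor cases from the text, all with Observation 0.5 and Recommendation 0.60
    print("Case I  ", round(compute_trust(0.5, 0.60, 0.99, 0.01), 3))   # 0.501
    print("Case II ", round(compute_trust(0.5, 0.60, 0.51, 0.49), 3))   # 0.549
    print("Case III", compute_trust(0.0, 0.60, w3=1.0))                 # 0.6
    d, t = run_scenario()
    print(d, "trust(B)=%.3f trust(M)=%.3f alarms=%s" % (t.trust("B"), t.trust("M"), t.alarms))
```

Running the block reproduces 0.501, 0.549 and 0.6 for the three cases, allows B (T = 0.702), reroutes around M (T = 0.149) and records an alarm for it. One consequence of the formula is worth keeping in mind when choosing the weights: Observation(A->B) = 0 covers both "nothing observed yet" and "every transaction failed", so a neighbour that dropped all of A's packets is judged on its recommendation value alone; Record.observation() above makes that explicit.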
Route Maintenance
Once a node has collected sufficient information about the behaviour of a neighbour, it starts making decisions. Before communicating with a neighbour, a node consults the trust value it holds for that neighbour, and it sends route requests and route replies only to neighbours that are trustworthy. If the trust value of a node falls below the threshold, future transactions with that node are stopped and the other nodes are informed of the presence of the malicious node. In this way a composite response is mounted against misbehaving nodes.
Trust Distribution
We use a novel approach to distribute trust among nodes. Whenever a node sends an acknowledgement to its previous-hop node, it inserts its trust value into the acknowledgement packet. In this way trust values are distributed among all the nodes on the path.
Figure 3-4 Trust Distribution in the Network
As shown in Figure 3-4, the trust value of E is sent to C, that of C to B, and so on until it reaches node A. In this way the values are distributed across the network.
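The acknowledgement walk of Figure 3-4, simulated end to end so that the source can be seen turning the piggybacked values into Recommendation(A->X). This is an added example and not the thesis's code. The thesis does not specify what exactly a node inserts or how the source combines the values, so the following are assumptions: the data path is A -> B -> C -> E, the acknowledgement travels E -> C -> B -> A hop by hop, each forwarding node appends the trust entries it holds about its own neighbours, and the source averages the entries about a node X from nodes other than itself. The per-node trust values are constructed for illustration, and the four-line compute_trust is repeated here so the block runs on its own.

```python
"""Trust distribution over acknowledgements (Section 3, "Trust Distribution");
added example, not the thesis's code.  Assumptions not stated in the thesis: the
data path is A -> B -> C -> E as in Figure 3-4; the acknowledgement walks back
E -> C -> B -> A hop by hop; every forwarding node appends the trust entries it
holds about its own neighbours before handing the ACK to its previous hop; the
source turns the entries about a node X (from nodes other than itself) into
Recommendation(A->X) by averaging them."""
from collections import defaultdict

PATH = ["A", "B", "C", "E"]

# Constructed per-node trust tables: node -> {neighbour: T(node->neighbour)}
LOCAL_TRUST = {
    "A": {"B": 0.80},
    "B": {"A": 0.75, "C": 0.70},
    "C": {"B": 0.65, "E": 0.90},
    "E": {"C": 0.85},
}


def forward_ack(path, local_trust):
    """Walk the ACK from the last node back to the source.  Returns the piggybacked
    entries (observer, subject, trust) and a per-hop log (from, to, entries carried)."""
    ack, log = [], []
    for i in range(len(path) - 1, 0, -1):
        node, prev_hop = path[i], path[i - 1]
        for subject, value in local_trust[node].items():
            ack.append((node, subject, value))
        log.append((node, prev_hop, len(ack)))
    return ack, log


def recommendations_for(source, ack):
    """Recommendation(source->X): mean of the carried entries about X, excluding
    the source's own entries (those are its observation) and entries about the
    source itself."""
    seen = defaultdict(list)
    for observer, subject, value in ack:
        if observer != source and subject != source:
            seen[subject].append(value)
    return {s: sum(v) / len(v) for s, v in seen.items()}


def compute_trust(observation, recommendation, w1=0.51, w2=0.49, w3=1.0):
    """T(A->B) from Section 3 (same definition as in the trust computation example)."""
    if observation == 0:
        return w3 * recommendation
    return w1 * observation + w2 * recommendation


def source_trust(source, path, local_trust):
    """What the source holds for every node on the path after one ACK has arrived:
    its own observation of its next hop combined with the recommendations, and
    recommendation-only values for nodes it has never dealt with directly."""
    ack, _ = forward_ack(path, local_trust)
    recs = recommendations_for(source, ack)
    return {
        node: compute_trust(local_trust[source].get(node, 0.0), recs.get(node, 0.0))
        for node in path if node != source
    }


if __name__ == "__main__":
    ack, log = forward_ack(PATH, LOCAL_TRUST)
    for sender, receiver, carried in log:
        print("%s -> %s: ACK now carries %d trust entries" % (sender, receiver, carried))
    print("recommendations at A:", recommendations_for("A", ack))
    print("trust at A:", source_trust("A", PATH, LOCAL_TRUST))
```

At A the ACK carries five entries; B gets Recommendation 0.65 (from C), C gets 0.775 (mean of B's 0.70 and E's 0.85) and E gets 0.90, so A's trust becomes 0.7265 for B (own observation 0.80 combined with the recommendation) and the recommendation alone for C and E. The example carries the entries as plain values, exactly as the text describes; it does not authenticate them or bind them to the node that inserted them, and the thesis does not describe such a step either, so any deployment should decide how far a value received from a downstream node is to be believed.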
Chapter 4:
Implementation and Results
Simulation Results
For simulation we used Network Simulator NS-2.34. At the network layer we used our modified version of AODV and compared it with the original AODV already present in the NS-2 routing protocol library. We used UDP at the transport layer, with CBR data packets generated as traffic. Simulation was carried out using different scenario files with a varying number of connections. The simulation parameters are shown in Table 4.1.
TABLE 4.1: Simulation Parameters

Parameter                  Value
Total simulation time      400 s
Simulation area            670 m x 670 m
Total number of nodes      50
Radio range                200 m
Maximum speed              20 m/s
Pause time                 10 s
Data payload               512 bytes
Traffic type               Constant Bit Rate (CBR)
Type of attack             Black hole
Maximum connections        10
Simulation Metrics
We used the following metrics to compare the performance of our scheme with the AODV protocol.
Packet Delivery Ratio (PDR): the ratio of the total number of data packets successfully received at the destination nodes to the total number of data packets sent by the source nodes.
Packet Loss Ratio (PLR): the fraction of data packets lost, expressed as a percentage and calculated from the PDR (taken as a fraction between 0 and 1):
Packet Loss Ratio = (1 - PDR) * 100
Average Latency: the mean time taken by a data packet to travel from its source node to its destination node.
Normalized Routing Overhead: the ratio of the total number of routing control packets transmitted to the total number of data packet transmissions, where a data packet transmission means that a node either sends or forwards a data packet.
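The four metrics above, computed from an NS-2 wireless trace in the way an evaluation script would do it. This is an added example, not the thesis's evaluation scripts, and the trace it reads is constructed for illustration rather than taken from the thesis's runs. The trace layout assumed is the old NS-2 wireless format (event, time, _node_, layer, reason, packet id, packet type, size, ...); the mapping of metrics onto trace events (source AGT send = packet sent, destination AGT receive = packet received, 's'/'f' at RTR = a transmission) is the usual one but is an assumption here.

```python
"""Computing the four metrics of Section 4 from an NS-2 wireless trace.  Added
example, not the thesis's evaluation scripts.  Assumed trace layout (old NS-2
wireless format): event time _node_ layer reason pkt_id type size ...; the trace
below is constructed for illustration and is not from the thesis's runs."""

# Constructed trace: node 0 sends three CBR packets to node 3.  Packets 0 and 2
# travel 0 -> 1 -> 3; packet 1 is forwarded to node 2 (the black hole), which drops
# it (the drop-reason column is left as '---' in this constructed trace).  Packet
# ids 10 and 11 are the AODV RREQ/RREP exchange that built the route.
SAMPLE_TRACE = """\
s 1.000000000 _0_ AGT  --- 0 cbr 512 [0 0 0 0] ------- [0:0 3:0 32 0] [0] 0 0
s 1.000400000 _0_ RTR  --- 10 AODV 48 [0 0 0 0] ------- [0:255 -1:255 30 0] [0x2 1 1 [3 0] [0 4]] (REQUEST)
f 1.001100000 _1_ RTR  --- 10 AODV 48 [0 ffffffff 0 800] ------- [0:255 -1:255 29 0] [0x2 2 1 [3 0] [0 4]] (REQUEST)
f 1.001300000 _2_ RTR  --- 10 AODV 48 [0 ffffffff 0 800] ------- [0:255 -1:255 29 0] [0x2 2 1 [3 0] [0 4]] (REQUEST)
s 1.002000000 _3_ RTR  --- 11 AODV 44 [0 0 0 0] ------- [3:255 0:255 30 0] [0x4 1 [3 4] 10.000000] (REPLY)
f 1.002600000 _1_ RTR  --- 11 AODV 44 [0 0 0 0] ------- [3:255 0:255 29 0] [0x4 2 [3 4] 10.000000] (REPLY)
s 1.003000000 _0_ RTR  --- 0 cbr 532 [0 0 0 0] ------- [0:0 3:0 30 1] [0] 0 0
f 1.007000000 _1_ RTR  --- 0 cbr 532 [13a 1 0 800] ------- [0:0 3:0 29 3] [0] 1 0
r 1.012000000 _3_ RTR  --- 0 cbr 532 [13a 3 1 800] ------- [0:0 3:0 29 3] [0] 1 0
r 1.012000000 _3_ AGT  --- 0 cbr 532 [13a 3 1 800] ------- [0:0 3:0 29 3] [0] 1 0
s 2.000000000 _0_ AGT  --- 1 cbr 512 [0 0 0 0] ------- [0:0 3:0 32 0] [1] 0 0
s 2.000400000 _0_ RTR  --- 1 cbr 532 [0 0 0 0] ------- [0:0 3:0 30 2] [1] 0 0
f 2.004000000 _2_ RTR  --- 1 cbr 532 [13a 2 0 800] ------- [0:0 3:0 29 3] [1] 1 0
D 2.004100000 _2_ RTR  --- 1 cbr 532 [13a 2 0 800] ------- [0:0 3:0 29 3] [1] 1 0
s 3.000000000 _0_ AGT  --- 2 cbr 512 [0 0 0 0] ------- [0:0 3:0 32 0] [2] 0 0
s 3.000400000 _0_ RTR  --- 2 cbr 532 [0 0 0 0] ------- [0:0 3:0 30 1] [2] 0 0
f 3.006000000 _1_ RTR  --- 2 cbr 532 [13a 1 0 800] ------- [0:0 3:0 29 3] [2] 1 0
r 3.015000000 _3_ RTR  --- 2 cbr 532 [13a 3 1 800] ------- [0:0 3:0 29 3] [2] 1 0
r 3.015000000 _3_ AGT  --- 2 cbr 532 [13a 3 1 800] ------- [0:0 3:0 29 3] [2] 1 0
"""


def parse_trace(text):
    """Return (event, time, node, layer, pkt_id, pkt_type) for every well-formed line."""
    events = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 8 or f[0] not in ("s", "r", "f", "D"):
            continue
        events.append((f[0], float(f[1]), f[2].strip("_"), f[3], int(f[5]), f[6]))
    return events


def metrics(events, data_type="cbr", ctrl_type="AODV"):
    """PDR, PLR (%), average latency and normalized routing overhead as defined in
    Section 4.  Assumed mapping onto trace events: a data packet is sent when the
    source AGT emits it and received when the destination AGT receives it; a
    control transmission is an 's' or 'f' of an AODV packet at RTR; a data
    transmission (send or forward) is an 's' or 'f' of a data packet at RTR."""
    sent, recv = {}, {}
    ctrl_tx = data_tx = 0
    for ev, t, node, layer, pid, ptype in events:
        if layer == "AGT" and ptype == data_type:
            if ev == "s":
                sent.setdefault(pid, t)
            elif ev == "r" and pid in sent:
                recv.setdefault(pid, t)
        elif layer == "RTR" and ev in ("s", "f"):
            if ptype == ctrl_type:
                ctrl_tx += 1
            elif ptype == data_type:
                data_tx += 1
    pdr = len(recv) / len(sent) if sent else 0.0
    avg_latency = sum(recv[p] - sent[p] for p in recv) / len(recv) if recv else 0.0
    nro = ctrl_tx / data_tx if data_tx else float("inf")
    return {"sent": len(sent), "received": len(recv), "pdr": pdr,
            "plr_percent": (1 - pdr) * 100, "avg_latency": avg_latency,
            "ctrl_tx": ctrl_tx, "data_tx": data_tx, "nro": nro}


if __name__ == "__main__":
    for name, value in metrics(parse_trace(SAMPLE_TRACE)).items():
        print("%-12s %s" % (name, round(value, 4) if isinstance(value, float) else value))
```

On the constructed trace the script reports 3 packets sent and 2 received (PDR 0.667, PLR 33.3%), an average latency of 13.5 ms for the two delivered packets, and 5 control transmissions against 6 data transmissions (normalized routing overhead 0.833). Latency is computed only over delivered packets, which is why dropped packets show up in PDR and PLR but not in the latency figure; this matters when reading Figure 4-3 alongside Figure 4-1.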
Results Evaluation:
Figure 4-1 compares the packet delivery ratio of AODV with that of modified AODV. In the presence of a small number of malicious nodes the PDR of original AODV drops considerably: Figure 4-1 shows it falling to 7% with malicious nodes present, whereas modified AODV achieves up to 91%. Figure 4-2 shows the packet loss ratio; PLR is very high in original AODV with malicious nodes present, and improves by 91% when modified AODV is used. The reason is that modified AODV chooses a more reliable route by avoiding malicious nodes, so the number of packets dropped by modified AODV is far lower than for original AODV.

Figure 4-3 shows that original AODV has a smaller average latency than modified AODV with five malicious nodes present. Modified AODV detects malicious nodes and excludes them from routing, so a reliable route is chosen at the cost of a shorter one; the high packet delivery ratio is bought with higher average latency and routing overhead. The increase in routing overhead is evident from Figure 4-4. Weighed against the gain in packet delivery ratio over original AODV, these penalties in average latency and routing overhead are marginal.

Because we use the trust model to monitor data forwarding behaviour, a node is judged on what it actually does with the packets entrusted to it. This makes false positives far less likely than in IDS and control-packet monitoring systems, where there is always a possibility of wrongly declaring a node malicious, and it is why we consider our approach more robust and reliable.
Figure 4-1 Packet Delivery Ratio
Figure 4-2 Packet Loss Ratio
Figure 4-3 Average Latency
Figure 4-4 Normalized Routing Overhead
Chapter 5
Conclusion and Future Work
This thesis has integrated a trust management scheme into the AODV routing protocol. AODV has been extended to route packets based on the behaviour of neighbouring nodes: the conventional protocol was enhanced with the changes needed to monitor neighbour behaviour, and the trust-based scheme was integrated into the routing protocol to detect misbehaving nodes. The comparison between the two protocols is informative. In packet delivery ratio, modified AODV gives a large gain. In average latency, modified AODV loses ground, because a trusted route is selected instead of the shortest route and the end-to-end delay increases accordingly. The normalized routing overhead is slightly higher than in the original AODV implementation.

Future work will add further attacks and study their impact on the routing protocol. We also want to integrate this routing protocol with a network intrusion detection system. Such a hybrid system would improve the ability to operate in the presence of other attacks that considerably degrade the performance of ad hoc networks. For example, combining an intrusion detection system at the application layer with the trust-based scheme at the network layer should reduce the false alarm ratio considerably and improve overall performance with minimal routing overhead.
Figure 5-1 Hybrid System for Node Misbehaviour Detection
Figure 5-1 shows the architecture of the proposed hybrid system. The intrusion detection system resides at the application layer and the trust-based scheme at the network layer; both modules update a shared threat detection module. Before declaring any node malicious, each module consults the threat detection module for the node's present status. In this way the two modules cooperate to enforce a robust malicious-node detection system in which the chance of error is minimal.