Mobile Ad Hoc Networks (MANETs) are attractive for military applications, and in such settings the ability to transfer a secret message in the presence of adversaries is essential. Adversaries may attempt both passive and active attacks to obtain classified data, modify the data, or disrupt the data flow [49]. Active attacks are easier to detect than passive attacks. Examples of active attacks are blackhole attacks, routing attacks, jamming and impersonation. An example of a passive attack is eavesdropping [49, 11].
In a MANET it is very important to protect the secret message transferred from source to destination. The security issues that arise are data confidentiality, data integrity and data availability. Data integrity can be provided using a Message Authentication Code (MAC) [19], whereas providing data confidentiality and data availability is reasonably difficult. Multipath routing schemes statistically enhance data confidentiality and data availability in ad hoc networks. It is quite easy for an attacker to capture the data when it is sent on one path. When the data is divided into parts and sent over different paths, confidentiality increases, because it is difficult for the attacker to obtain all the parts sent over the different paths between source and destination. In this paper we look at the multipath routing protocols that are used to address data security issues in ad hoc networks.
The rest of this paper is structured as follows. Section 2 discusses the Security Protocol for Reliable Data Delivery (SPREAD) [62], Section 3 deals with the Secure Message Transmission (SMT) protocol [38], and Section 4 looks at Secured Data based Multipath Routing (SDMP) [48]. Finally, Section 5 concludes the document.
2. SPREAD
The Security Protocol for Reliable Data Delivery (SPREAD) scheme enhances data availability and data confidentiality in mobile ad hoc networks [62]. The two basic techniques of the SPREAD scheme are multipath routing and secret sharing. SPREAD operates as follows: when a source node wants to send a secret message to a destination node, it runs a multipath routing algorithm to find multiple paths to the destination. After finding the paths, the source chooses a secret sharing scheme based on the message security level and the available paths, and transforms the message into multiple shares. The multipath routing algorithm is then used to route the shares to the destination, where the message is reconstructed once a certain number of shares has been received. If an intruder attacks a path over which the message is sent, an intrusion detection mechanism [14] or a misbehaviour detection scheme [15] can be used to discover the compromised nodes immediately so that they can be removed from the network. The Secure Message Transmission protocol [38] can also be combined with SPREAD to identify the defective node. Three design issues arise in this scheme: how to split the message into multiple shares, how to send the shares onto each path, and how to identify the desired multiple paths [62]. These problems are discussed in the following sections.
2.1 Threshold secret sharing
A threshold secret sharing algorithm [22] is used to divide the message into multiple shares. A (T, N) secret sharing algorithm divides the message into N pieces, referred to as shares. Secret sharing lowers the possibility of adversaries capturing the message, since the message is divided and sent as multiple shares.
2.2 Share allocation
The shares must be allocated to different paths in order to secure the message. In the SPREAD scheme, the share allocation technique uses N paths for N shares, so (N, N) secret sharing is used. Each share has a separate path to the destination, which enhances data security.
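The (T, N) splitting of Section 2.1 and the one-share-per-path allocation of Section 2.2, as an added example that is not code from the SPREAD paper. It assumes Shamir's polynomial scheme as the threshold algorithm (the text only names a threshold scheme [22]); the path names and the sample secret are constructed.

```python
import secrets

P = 2**127 - 1  # Mersenne prime; all share arithmetic is done modulo P

def split(secret, t, n):
    """(T, N) split: any t of the n shares reconstruct the secret."""
    if not (1 <= t <= n and 0 <= secret < P):
        raise ValueError("need 1 <= t <= n and 0 <= secret < P")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of the polynomial at x
            y = (y * x + c) % P
        shares.append((x, y))
    return shares

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over the shares that arrived."""
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = (num * (-xj)) % P
                den = (den * (xi - xj)) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

def allocate(shares, paths):
    """Share allocation: one share per path."""
    if len(shares) != len(paths):
        raise ValueError("one path per share is required")
    return dict(zip(paths, shares))

def deliver(allocation, failed_paths):
    """Shares that reach the destination when failed_paths lose theirs."""
    return [s for p, s in allocation.items() if p not in failed_paths]

SECRET = int.from_bytes(b"constructed-key", "big")  # constructed sample message
PATHS = ["path-A", "path-B", "path-C", "path-D"]    # hypothetical node-disjoint paths

if __name__ == "__main__":
    for t in (4, 3):  # (N, N) as in the share allocation text, then (3, 4)
        got = deliver(allocate(split(SECRET, t, 4), PATHS), {"path-C"})
        print(t, len(got) >= t and reconstruct(got) == SECRET)
```

With (4, 4) sharing a single failed path prevents reconstruction, while (3, 4) tolerates it: a lower T buys availability at the cost of letting an adversary succeed with fewer captured paths.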
2.3 Multipath routing
Routing in mobile ad hoc networks is very difficult because the nodes move randomly and the network topology can change frequently and unpredictably. Multipath routing was introduced to address this problem: using multiple paths in mobile ad hoc networks reduces the effect of unpredictable wireless links and of network topology changes. Since the SPREAD scheme deals with nodes, it needs more node-disjoint paths. Several multipath routing methods can be used to select node-disjoint paths, among them the diversity injection technique [18], split multipath routing [17], and on-demand multipath routing [19]. These protocols are all source-routing and on-demand protocols. Multipath routing for the SPREAD scheme also follows the on-demand, source-routing approach.
The essential technique of the SPREAD protocol is to distribute the secret message: first the secret sharing algorithm at the source node generates message shares, and then multipath routing distributes the shares across the network. An adversary may therefore capture a small number of shares but cannot capture the entire secret message. The simulation results for SPREAD show that increasing the number of paths used to transmit the message to the destination rapidly reduces the effect of active and passive attacks. This outcome shows that the SPREAD scheme is capable of improving data confidentiality in mobile ad hoc networks.
3. SMT
Secure Message Transmission (SMT) is a lightweight protocol that shields data transmission against arbitrary malicious behaviour of other nodes. SMT is an effective protocol that operates in an end-to-end manner. Communication in mobile ad hoc networks comprises two phases: (1) route discovery and (2) data transmission [38]. Both phases are susceptible to a variety of attacks. Hence comprehensive security has to be provided to safeguard both phases of MANET communication.
A security association [6] has to be established between the network nodes. The pair of nodes chooses a secure communication scheme, and it is imperative that the two nodes authenticate each other. The source and the destination make use of multiple different paths that are judged valid at that time. These paths are called the Active Path Set (APS). The source invokes the underlying route discovery protocol, updates its view of the network topology and determines the initial APS used for communication with the destination.
[Figure 1. Example of the Simple Message Transmission protocol. Diagram labels: Source, Destination, dispersed message, timer, re-transmit, ACK.]
The sender disperses the encoded message into four packets; three packets are sufficient to reconstruct the message at the destination. The four packets use four disjoint paths, and two of the packets arrive intact at the receiver. The other two packets are compromised by malicious nodes on the corresponding paths: one packet is dropped and the other is modified.
The receiver extracts the information from the first incoming packet and waits for the subsequent packets, with a reception timer set. When the fourth packet arrives, the integrity of the message is checked cryptographically; this reveals the data tampering and the packet is rejected. When the timer expires, the receiver acknowledges the two successfully received packets.
The two failing paths, those of the third and fourth packets, are discarded and retransmission takes place over the other path. Before the timer expires, an acknowledgement is reported for 3 out of 4 packets. A retransmission timer is set after the transmission of the first packet to provide the total number of acknowledgements detected.
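The Figure 1 exchange described above, as an added example that is not code from the SMT paper. The dispersal here is a simple stand-in (three data pieces plus one XOR parity piece, so any three of four rebuild the message), each piece carries an HMAC, and the key, path behaviours and message are constructed; timers are modelled only as the points where acknowledgements are collected.

```python
import functools, hashlib, hmac

KEY = b"constructed-shared-key"  # stands in for the end-to-end security association

def xor(*parts):
    return bytes(functools.reduce(lambda a, b: a ^ b, col) for col in zip(*parts))
def mac(index, piece):
    return hmac.new(KEY, bytes([index]) + piece, hashlib.sha256).digest()

def disperse(msg):
    """Three data pieces plus one XOR parity piece: any 3 of the 4 rebuild msg."""
    size = -(-len(msg) // 3)
    padded = msg.ljust(3 * size, b"\0")
    data = [padded[i * size:(i + 1) * size] for i in range(3)]
    return [(i, p, mac(i, p)) for i, p in enumerate(data + [xor(*data)])]

def path(behaviour, packet):
    """Constructed path model: 'ok' forwards, 'drop' loses, 'modify' flips a bit."""
    index, piece, tag = packet
    if behaviour == "modify":
        piece = bytes([piece[0] ^ 1]) + piece[1:]
    return None if behaviour == "drop" else (index, piece, tag)

def receive(packet, store):
    """Keep a piece only if its MAC verifies; tampered pieces are rejected."""
    if packet and hmac.compare_digest(packet[2], mac(packet[0], packet[1])):
        store[packet[0]] = packet[1]

def rebuild(store, length):
    if len(store) < 3:
        return None
    for i in range(3):
        if i not in store:  # recover the missing data piece from parity
            store[i] = xor(*(store[j] for j in range(4) if j != i))
    return b"".join(store[i] for i in range(3))[:length]

def run_exchange(msg, behaviours):
    packets, store = disperse(msg), {}
    for b, pkt in zip(behaviours, packets):
        receive(path(b, pkt), store)
    first_ack = sorted(store)  # reported when the reception timer expires
    good = [behaviours[i] for i in first_ack]  # paths that delivered intact
    missing = [p for p in packets if p[0] not in store]
    for b, pkt in zip(good, missing):  # retransmit over the surviving paths
        if len(store) < 3:
            receive(path(b, pkt), store)
    return first_ack, sorted(store), rebuild(store, len(msg))

print(run_exchange(b"constructed test message", ["ok", "ok", "drop", "modify"]))
```

The first acknowledgement covers two pieces, the second covers three of four, and the message is rebuilt without the two failing paths ever being reused.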
Bandwidth loss of a path (BWL) is defined to determine the effectiveness of the path rating mechanism [38].
BWL = 1/i = 1/(s + l)   (s = successful ones, l = failed ones)
SMT uses multiple paths [12], which provide Quality of Service (QoS) and load balancing in wired networks. The multiple paths that exist in multi-hop topologies are proposed for secure message transmission in MANETs [7]. Every network node maintains metrics on the previous behaviour of the other nodes, and a suitable path is selected to transmit the data [8].
The simulation results for SMT show that it can offer lower end-to-end delay than unipath routing, can cope with a large number of adversaries in the network, and secures data forwarding after the discovery of the source and destination.
4. SDMP
The Secured Data based Multipath Routing (SDMP) scheme for mobile ad hoc networks mainly focuses on data confidentiality [49]. The SDMP scheme uses Wired Equivalent Privacy (WEP) or the Temporal Key Integrity Protocol (TKIP) to encrypt and decrypt the frames exchanged between neighbouring nodes, which provides low-layer authentication and confidentiality. Multipath routing is used to enhance confidentiality when messages are exchanged between the source and destination nodes.
4.1 SDMP Principle
In the SDMP protocol the message is divided into (n-1) shares and n routes or paths are used to send it. Of these, one path is assigned for signalling and (n-2) paths are used to transmit the original message. SDMP requires a minimum of three paths between the source and destination. In the SDMP scheme the original message is divided into pieces and a unique identifier is attached to each piece. The pieces are paired and XOR-ed together, and each pair is forwarded along a different path. Diversity Coding [3] is used to divide the message into pieces. The signalling path carries the pair combination information that is needed for message reconstruction at the destination. In the SDMP scheme a path cost function is used when sending data with each pair, in order to reduce the time taken to reconstruct the message at the destination.
4.2 SDMP Architecture
As illustrated in Fig 3, to enhance data security in mobile ad hoc networks the SDMP protocol adds an SDMP layer between the IP layer and the transport layer (TCP/UDP) [48]. The IP layer provides routing information and the transport layer provides retransmission. The SDMP layer ensures data security during transmission. The IP layer finds the different routes available and the quality of those routes. In the SDMP protocol a minimum of three routes must be present to perform a transmission; otherwise an error message is generated. Both the source and the destination must employ the SDMP layer to provide security.
4.3 Paths selection in SDMP
Routing in ad hoc networks is very difficult, since the nodes are capable of moving and the network topology changes rapidly and continuously. In SDMP the multiple paths from the source to the destination are maintained by the Dynamic Source Routing (DSR) protocol. DSR sends a broadcast inquiry message throughout the network to check the different paths available and collects the replies from the destination, thereby setting up the multiple paths between the source and destination. DSR forwards the message shares over the multiple paths. If one path is compromised, then all the shares allotted to it are compromised; otherwise the shares arrive safely at the destination. In SDMP maximum security is provided by a non-redundant secret sharing scheme [48]. The path selection criterion therefore finds n paths and then takes the first m most secure paths of the n; the signalling information is sent over the more secure path.
The simulation results for SDMP show that a large message can be sent easily since more paths are used. More paths in a network increase security and confidentiality and reduce the probability of the message being damaged by attackers.
5. Conclusion
In this paper we discussed three multipath routing protocols for mobile ad hoc networks. The various benefits of multipath routing are:
Delay
In a MANET environment path failures occur frequently during data transmission. Unipath routing suffers from end-to-end delay due to path failure, whereas multipath routing has backup paths to cope with path failure, which reduces end-to-end delay.
Data confidentiality
In unipath routing data confidentiality depends solely on the cryptographic mechanism, whereas in multipath routing the data is divided into pieces and combined with WEP, then forwarded over different paths, which gives double shielding for data confidentiality.
Bandwidth
Multipath routing uses more network bandwidth to transmit the message between the source and destination.
Data loss
The probability of reconstructing the message at the destination is much higher in multipath routing than in unipath routing. It is very difficult for adversaries to obtain the entire message sent by the source, because of the multiple paths in the network.
Therefore multipath routing is an essential and promising approach to enhancing data security in mobile ad hoc networks.