
Academic year: 2022


Providing an Optimized and Trusted Route Discovery in Wireless Networks through Secure TORA

Chintam. Anusha1 , A. Sravani2 , M.A.Praveen3

1Assistant Professor, Department of Computer Science and Engineering, Vignan's Institute of Information Technology (A), Visakhapatnam (Andhra Pradesh), India, [email protected], orcid: 0000-0002-7169-632X

2Assistant Professor, Department of Computer Science and Engineering, Vignan's Institute of Information Technology (A), Visakhapatnam (Andhra Pradesh), India,[email protected]

2Assistant Professor, Department of Computer Science and Engineering, Vignan's Institute of Information Technology (A), Visakhapatnam (Andhra Pradesh), India, [email protected].

Abstract:

Security is one of the most challenging issues in infrastructure-less wireless networks: in ad-hoc networks nodes move from one place to another, so the topology of the network changes frequently. These changes may cause miscommunication in the network, which in turn may lead to route modification attacks. Packet dropping, on the other hand, can be caused by data communication attacks, which do not affect the routing protocol. The temporally ordered routing protocol (TORA) is one of the MANET routing protocols frequently affected by the above-mentioned attacks. To avoid these problems, some features are added to the basic TORA routing protocol for secure routing. The extensions are authentication, meaning that the node is identified, and integrity, meaning that message modification is not allowed. These features are provided by a secret-key cryptographic algorithm, the hashed message authentication code (HMAC), which gives information about the sender, receiver and intermediate nodes for authentication and fast data validation. This protection obtained acceptable results in the network simulator tool (NS2) on the considered QoS metrics: delay, packet delivery ratio, throughput and packet drop. Average packet drop and delay decrease after applying the secured TORA protocol, and packet delivery ratio and throughput increase.

Key words: infrastructure-less wireless networks, routing attacks, destination sequenced distance vector routing, integrity, authentication, network simulator tool.

1. INTRODUCTION

Nowadays the mobility of computing is increasing, which is very important for users. Users can therefore exchange messages and maintain connectivity while roaming through a wide area. In some areas, the necessary support for mobile computing is provided by installing access points and base stations [1, 2]. Users can access this type of mobile connectivity from home, from the office or while on the road. Wireless mobile networks are collections of mobile devices or nodes that communicate wirelessly without infrastructure, that is, without a centralized authority such as the base station in a wireless LAN.


The devices in the network collaborate and can work as both hosts and routers; they work together only by common agreement, without any knowledge of the network topology that surrounds them. The network structure can therefore be unpredictable and dynamic. Routing protocols used in wired networks cannot be used directly in an ad hoc mobile network [3]. There are many reasons: bandwidth consumption, more than one route between two nodes, unidirectional connections between nodes, the effect on power supply of periodically updating routing information, and the slow convergence of routing protocols when the topology changes dynamically. Efficient routing protocols are therefore key components of successful communication in infrastructure-less mobile networks. Put simply, an infrastructure-less wireless network is a technological solution for establishing communications in areas where infrastructure is not available or not accessible. A simple wireless network is shown in Figure 1.

Figure 1: A Typical wireless network

In ad-hoc networks, routing is more complicated because wireless networks face issues such as frequent changes in network topology, an open medium, centralized authority and security [4]. Providing a secure path is a major security challenge in wireless networks because various attacks occur in mobile networks during route establishment from origin to sink node. Robust and efficient routing protocols must be used to prevent routing attacks and to provide an efficient and correct path between nodes. Routing protocols for wireless ad-hoc networks are classed as proactive, reactive and hybrid [5].

TORA is a reactive routing protocol that addresses bandwidth saving by minimizing the effect of frequent changes in topology, which are a particular feature of ad-hoc networks due to node mobility. In this protocol, using the best paths is of secondary importance; long paths can be used to avoid the control overhead induced by discovering new paths. It is a highly efficient, adaptive and scalable routing protocol that allows multiple routes between source and destination. To achieve this, the search for the best path is neglected, not in terms of calculation but in terms of procedure. In this way the protocol can choose a longer path between the source and the destination node in order to avoid the costly process of discovering a new neighbor. In addition, TORA maintains several paths to the same destination and not only the best path, which limits the effect of a topology change on the routing of data. Because of this, a stale route is used when links are broken [6, 7, 8]. The stale route does not give valid routing information to the destination node. Therefore, for better routing and data communication, the symmetric cryptographic HMAC algorithm is applied to this basic proactive protocol, and the result is named symmetric cryptographic TORA. This approach uses a message authentication code and a hash function to find a secure, safe route and to obtain acknowledgement from the nodes in the network [9, 10]. The proposed method maintains integrity and authentication and provides efficient message verification.

2. RELATED WORK

Much research has been carried out on providing better and more secure routing in wireless mobile networks, and different secure routing protocols have been proposed on top of the existing basic routing protocols. These are useful for eliminating misbehaving and anomalous nodes from the network. For example, SRP (Secure Routing Protocol for Ad hoc Networks) is based on an SA (security association) between the origin and the sink nodes. The SA can be established from the public keys of the source and sink parties by using hybrid key distribution [11].

Royer, E.M. et al. [12]: based on the basic AODV, a secure AODV protocol is devised for secure routing, which gives information about unauthorized users. The main aim of this protocol is to shield the path from the origin to the sink node from all other nodes in order to prevent direct attacks. For the DSR protocol, a different approach, 2ACK, is applied to obtain a secure DSR; it is useful for detecting misbehaving links [13, 14].

Sushama Singh, Atish Mishra and Upendra Singh [15]: An ad-hoc mobile network (MANET) is a wireless network in which nodes move dynamically. Many attacks exist at the network layer, but the authors address only the collaborative black hole attack, in which a group of black hole nodes is employed against routing in mobile ad hoc networks. In that paper they introduced a trusted AODV routing protocol whose confidence value is calculated using the hyperbolic tangent function. The result showed an improvement in performance compared to the standard AODV protocol.

Cordasco et al. give two-phase security to provide authentication and confidentiality of data packets in the network and link layers of wireless mobile networks. In the first phase, a trust-based data packet sending scheme is designed to recognize and isolate anomalous nodes using network-layer routing information; in this phase each node maintains a trust counter while forwarding data packets, and a node is rewarded or punished by increasing or decreasing its trust counter. In the second phase, security is provided at the link layer by using CBC-X (cipher block chaining mode) for encryption and authentication [15].


3. METHODOLOGY

Wireless mobile networks use many routing protocols that are vulnerable to security attacks. The main aim of routing attacks is to disrupt the normal functioning of the network by supplying incorrect routing updates [16]. The basic TORA is scalable and efficient, but it has no built-in security mechanisms and is full of security vulnerabilities, so an attacker can easily carry out routing attacks during data packet communication, path maintenance and route discovery. To solve this problem, the symmetric cryptographic HMAC [17] method is applied to the current protocol for signing and encrypting messages during communication. The following notation describes the symmetric operation in TORA.

• Let 'H' and 'S' be the host and sink nodes in the network.

• $K_{HS}$ or $K_{SH}$ represents the shared symmetric key between H and S.

• Each node has a hash function and an authentication code.

• $MAC_m$, defined by $H(K_{HS}, m)$, gives the calculated MAC code of 'm' between host 'H' and sink 'S' nodes, where 'm' is the message.

Generally, the TORA algorithm has four phases for data communication: route creation, maintenance, route deletion and route optimization. It uses four different control packets for these four phases: Query (QRY), Update (UPD), Clear (CLR) and Optimization (OPT). Before data packets are sent from source to destination, the protocol discovers the route. For route discovery the protocol dispatches a QRY control packet to the destination. This QRY packet contains the destination node address and reaches the destination through the neighbor nodes. The neighbor node that receives the QRY packet broadcasts an UPD packet that lists its height with respect to the destination. If the sink itself replies to a QRY packet, it sets the height to zero in the UPD packet. Each node that receives the UPD packet sets its own height greater than that in the UPD packet. This creates a DAG (directed acyclic graph) with all links pointing in the direction of the sink as the root.

In secure TORA, if a link fails, the protocol notices that every node except the destination still has an outbound link, so none of the nodes generates an UPD message. Secure TORA therefore creates a temporary link through the nearest neighbor node, with two mechanisms to give safe routing in wireless networks. The two mechanisms are:

• Non-mutable fields, which include the sequence number or IP address of routing message 'm', use HMAC($K_{HS}$, m).

• The mutable field, which contains the hop count information, uses a one-way hash key chain.

While the QRY is forwarded to the neighbor node, the mutable field holds only the hop count information, including all possible shortest-path links to reach the sink node; the remaining information, such as sequence numbers or IP addresses, is held in the non-mutable field, which remains unchanged [18,19]. The complete procedure for reaching secure and safe routing is explained by the algorithms given below.

Figure 2: Architecture of proposed work

i. Algorithm. Security values calculated for each node

Begin

Step1. First, compute the message authentication for each node.

Step2. State hash function.

Step3. Produce the hmac hop count chain.

Step4. Compute source address based on hash function.

Step5. Check the maximum hop count at each node before sending the QRY to neighbor node.

Step6. Take the secret key and compute signature.

Step7. Produce the signature.

End

ii. Algorithm. Verify the hop count and check signature integrity

Begin

Step1. IF the generated signature is found as invalid THEN simply remove node from network.

ELSE forward data packet to next link.

Step2. IF maximum hop count value is found as invalid THEN destroy the packet

ELSE recalculate hash field

End

4. WORKING OF SECURE TORA

Host node H connects to the sink node S using the TORA protocol through the neighbor node A, as shown in Figure 3. First the host node (sender) computes $MAC_m = H_{K_{HS}}(QRY)$ using the secret key $K_{HS}$ shared between the destination and itself. The sender computes $MAC_m$ over the non-mutable fields of the QRY data packet, such as the source and sink IP addresses and sequence numbers, excluding the hop count, by simply merging them [20,21]. For the hop count list, the sender node calculates the HMAC chain $h_1 = H_{K_{HS}}(H, N)$, where N is the number of intermediate nodes. Initially the hop count list is monotonically increasing, because the origin node sends a new QRY message each time [20].

When an intermediate link is broken, for example the link from H to A, secure TORA creates a temporary link through a neighbor node that has a safe and valid route to the specified sink node. The temporary link carries the one-hop [23] QRY and UPD messages. The host H detects the broken link and sends a one-hop QRY message to all its neighbors. The neighbors reply with UPD messages. From the UPD messages the host selects the best valid route to reach the desired sink. The selected neighbor node F receives the packet and modifies it by adding the IP address and sequence numbers of node H to the hop count list, and the hash chain field $h_1$ is replaced with $h_2 = H_{K_{FS}}(F, h_1)$, where $K_{FS}$ is a secret key between neighbor node F and S. Once the sink node S receives the data packet, it verifies the following two constraints.

• Verify $MAC_m = H_{K_{HS}}(QRY)$

Sink node D verifies the integrity of the QRY message by calculating the MAC code over the QRY non-mutable field.

• Verify $h_3 = H_{K_{MS}}(M, H_{K_{FS}}(F, H_{K_{HS}}(H, N)))$

The sink node S gets the hop count list (H, F, M, S), and the destination node calculates the hash chain from the hop count list and verifies $h_3$. If the received $h_3$ matches the computed $h_1$ at the sink node, then the received intermediate node list is correct, which means the hop count list has not been corrupted by any malicious node.

If the above two conditions are satisfied, the QRY message received from source node H is an authorized message. Once the sink node S has validated the received QRY message, it sends the reply message along the same route to the origin node H [24,25]. Finally, the source node follows the same procedure to authenticate the sink node.
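The source, forwarding and sink-side checks of Algorithms i and ii and of this section, as an added Python sketch that is not the authors' implementation. HMAC-SHA256 stands in for H; the keys, the packet field names, the length-prefixed field encoding and carrying N inside the packet are assumptions of this example.

```python
import hashlib
import hmac

# Constructed pairwise keys K_XS that each node X shares with sink S.
KEYS = {"H": b"demo-key-H-S", "F": b"demo-key-F-S", "M": b"demo-key-M-S"}


def H(key, *fields):
    """Keyed hash H_K(...): HMAC-SHA256 over length-prefixed fields."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for field in fields:
        data = field if isinstance(field, bytes) else str(field).encode()
        mac.update(len(data).to_bytes(4, "big") + data)
    return mac.digest()


def originate(src, dst, seq, n):
    """Source: MAC_m over the non-mutable fields, h1 = H_K_HS(H, N)."""
    return {
        "src": src, "dst": dst, "seq": seq, "n": n,  # non-mutable fields
        "mac": H(KEYS[src], src, dst, seq),          # MAC_m
        "hops": [src],                               # mutable hop list
        "chain": H(KEYS[src], src, n),               # h1
    }


def forward(pkt, node):
    """Intermediate node: enforce the hop limit, then extend list and chain."""
    if len(pkt["hops"]) > pkt["n"]:
        return None  # more than N intermediate nodes: destroy the packet
    out = dict(pkt)
    out["hops"] = pkt["hops"] + [node]
    out["chain"] = H(KEYS[node], node, pkt["chain"])  # h_next = H_K(node, h_prev)
    return out


def verify(pkt):
    """Sink: recompute MAC_m and the hash chain from its own copies of the keys."""
    hops = pkt["hops"]
    if not hops or hops[0] != pkt["src"] or any(h not in KEYS for h in hops):
        return "unknown-node"
    if len(hops) - 1 > pkt["n"]:
        return "hop-limit"
    expected_mac = H(KEYS[pkt["src"]], pkt["src"], pkt["dst"], pkt["seq"])
    if not hmac.compare_digest(expected_mac, pkt["mac"]):
        return "bad-mac"
    chain = H(KEYS[hops[0]], hops[0], pkt["n"])
    for node in hops[1:]:
        chain = H(KEYS[node], node, chain)
    if not hmac.compare_digest(chain, pkt["chain"]):
        return "bad-chain"
    return "ok"


def demo():
    """Honest H -> F -> M -> S path, then two tampered copies of the packet."""
    pkt = forward(forward(originate("H", "S", seq=7, n=2), "F"), "M")
    shortened = dict(pkt, hops=["H", "M"])  # F removed from the hop list
    altered = dict(pkt, seq=8)              # non-mutable field changed in transit
    return verify(pkt), verify(shortened), verify(altered)


if __name__ == "__main__":
    print(demo())
```
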

Figure 3: creation of temporary path from host H to sink S.

4. RESULTS AND DISCUSSIONS

For simulation and result analysis the NS2.34 simulator tool was used; it requires simulation parameters and mobility models to be set. The following performance parameters are considered to express the performance of the secure TORA protocol. The simulation parameters are summarized in Table 1.


Table 1: Simulation parameters

| Parameter | Value |
|---|---|
| Time | 800 s |
| Area of simulation | 1000 x 1000 m² |
| Number of nodes | 80 |
| Transmission range | 250 m |
| Channel capacity | 2 Mbps |
| Node speed | between 1-20 m/s |
| Movement model | Random Waypoint |
| Pause time | 40 s |
| CBR flows | 10 packet/s |
| Data payload | 512 bits |
| Initial energy | 1 joule |
| MAC model | IEEE 802.11 |
| Radio propagation model | TwoRayGround |
| Traffic model | UDP-CBR |
| Routing protocol | STORA, TORA, SELFISH TORA |

Figure 4 gives the delay analysis with respect to the security level of the secure TORA protocol. Delay is expressed as a packet taking more time to reach the sink from the host node. Security level is on the x-axis and delay time on the y-axis. The E2E delay decreases as the security level increases.

Figure 4: delay analysis with respect security level.

Figure 5 shows the number of packets dropped versus time for the symmetric TORA protocol. Packet drop, also known as packet loss, means that data packets do not reach the sink node successfully, which can occur due to network failures. Simulation time is on the x-axis and number of drops on the y-axis. Packet loss is zero for symmetric TORA because data packets are broadcast after authentication has been provided to each device.

Figure 5: Packet drop vs time analysis.

Figure 6 shows the throughput analysis with respect to the number of packets for symmetric TORA. Throughput can be defined as the data that can be sent in a given unit of time. Time is on the x-axis and throughput on the y-axis. Initially, without secure TORA, the throughput value decreases. After applying the secret key to TORA, throughput increases as the simulation time increases.

Figure 6: throughput analysis based on number of packets.

Figure 7 gives the packet delivery ratio versus time for secure TORA. Packet delivery ratio is the ratio of the number of data packets forwarded by the origin node to the packets received by the sink node. Time is on the x-axis and packet delivery fraction on the y-axis. In symmetric TORA the PDR (packet delivery ratio) increases because there is less chance of packet loss, since communication occurs after authentication has been provided to each node.

Figure 7: the packet delivery ratio vs time.

5. CONCLUSION

Secure and trusted routing is one of the critical problems in wireless mobile networks. This paper provides better network performance and higher security through the design of an efficient secure TORA routing protocol. The efficient secure TORA uses a symmetric cryptographic approach, the hash-based message authentication code, to establish a secure optimal path between host and sink nodes. Certification and verification of the QRY message are done at every node along the routing path, as the message travels from one node to another, using a pairwise shared secret key mechanism. The proposed method provides both authentication and integrity of the message. In the simulation results, cryptographic TORA minimizes packet drop and time delay and maximizes throughput and packet delivery ratio. An efficient secure TORA therefore uses verification and computation of security during the route-finding process. In future, the same method will be applied to other categories of mobile network protocols and compared with secure TORA on different network QoS metrics.

REFERENCES

[1] Abusalah, L., Khokhar, A., & Guizani, M. (2008). A survey of secure mobile ad hoc routing protocols. IEEE Communications Surveys & Tutorial, 10(4), 78-93.


[2] Goyal, T., Batra, S., & Singh, A. (2010). A literature review of security attack in mobile ad-hoc networks. International Journal of Computer Applications, 9(12), 11-15.

[3] H. Yang, H. Luo, F. Ye, S. Lu, and L. Zhang, “Security in mobile ad hoc networks: Challenges and solutions,” IEEE Wireless Commun., vol. 11, no. 1, pp. 38–47, Feb. 2004.

[4] Garg, N., & Mahapatra, R. P. (2009). MANET security issues. IJCSNS International Journal of Computer Science and Network Security, 9(8).

[5] Murthy, C.S.R., & Manoj, B. (2004). Ad hoc Wireless Networks: Architectures and Protocols. Prentice Hall.

[6] I. D. Chakeres and E. M. Belding-Royer, “Aodv routing protocol implementation design,” in Proc. 24th Int. Conf. Distrib. Comput. Syst. Workshops, 2004, pp. 698–703.

[7] Hemanth Narra, Yufei Cheng, Egemen K. Çetinkaya, Justin P. Rohrer, and James P. G. Sterbenz. “Destination-sequenced distance vector (DSDV) routing protocol implementation in ns-3” in (SIMUTools '11). ICST, Brussels, Belgium, 2011, pp. 439-446.

[8] Zhou, L., Haas, Z.J.: Securing ad hoc networks. IEEE Network 13(6), 24-30 (November/December).

[9] M. Bouhorma, H. Bentaouit and A. Boudhir, "Performance comparison of ad-hoc routing protocols AODV and DSR," International Conference on Multimedia Computing and Systems, ICMCS '09, Pages 511-514, 2009.

[10] Darren Hurley-Smith, Jodie Wetherall and Andrew Adekunle, “SUPERMAN: Security Using Pre-Existing Routing for Mobile Ad hoc Networks”, IEEE TRANSACTIONS ON MOBILE COMPUTING, 2017.

[11] Sanzgiri, K. et al. (2002). A Secure Routing Protocol for Ad Hoc Networks. Computer Science Department Faculty Publication Series. 49. http://scholarworks.umass.edu/cs_faculty_pubs/49

[12] Royer, E.M., & Perkins C.E. (2010). An Implementation Study of the AODV Routing Protocol, Proceedings of the IEEE Wireless Communications and Networking Conference, Chicago.

[13] Kejun Liu, Jing Deng, Pramod K. Varshney, and Kashyap Balakrishnan, “An acknowledgement-based approach for the detection of routing misbehavior in MANETs”, IEEE Transactions on Mobile Computing, vol. 6, issue 5, May 2007, pp. 536-550.

[14] T. V. P. Sundararajan, Dr. A. Shanmugam, “Performance Analysis of Selfish Node Aware Ad-Hoc Networks”, ICGST-CNIR Journal, Volume 9, Issue 1, July 2009.

[15] Sushama Singh; Atish Mishra; Upendra Singh, “Detecting and avoiding of collaborative black hole attack on MANET using trusted AODV routing algorithm”, Symposium on Colossal Data Analysis and Networking (CDAN), Electronic ISBN: 978-1-5090-0669-4, IEEE, 2016.

[16] Cordasco, J., & Wetzel, S. (2007). Cryptographic vs. trust-based methods for MANET routing security. Electronic Notes in Theoretical Computer Science, Elsevier, 197(2), 131-140. Retrieved December 11.

[17] Abusalah, L., Khokhar, A., & Guizani, M. (2008). A survey of secure mobile ad hoc routing protocols. IEEE Communications Surveys & Tutorial, 10(4), 78-93.

[18] H. Krawczyk and P. Eronen, “Hmac-based extract-and-expand key derivation function (HKDF),” RFC 5869, May 2010, Doi: 10.17487/RFC5869.

[19] Buchegger, S., & Boudec, J.-Y.L. (2002). Cooperation of nodes fairness in dynamic ad-hoc networks. Proceedings of IEEE/ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC).

[20] A. Adekunle and S. Woodhead, “An aead cryptographic framework and tinyaead construct for secure wsn communication,” in Proc. Wireless Adv., 2012, pp. 1–5.

[21] M. Guerrero-Zapata,”Secure ad-hoc on demand distance vector (SAODV) routing” - Draft, IETF Mobile Ad Hoc Networking Working Group, February 2005.

[22] G. RAJKUMAR, DR. K. DURAISAMY, “A Review of Ad Hoc On-Demand Distance Vector Routing Protocol for Mobile Ad Hoc Networks”, in Journal of Theoretical and Applied Information Technology, Vol. 36 No.1, 15th February 2012, Publication Year: 2012.

[23] Priya Dharshini.R, Prabhu.V,Rajes Singh .S, “Research on Implementation and Comparison of Routing Protocols in MANET Using NS2”, in International Journal of Science and Research, Volume 3, Issue 4, April 2014, Publication Year: 2014

[24] Ms.Nidhi Sharma Mr.Alok Sharma, “The Black-hole node attack in MANET”, in Second International Conference on Advanced Computing & Communication Technologies, 2012, Publication Year:2012.

[25] Anil Kumar Sharma and Neha Bhatia, “Behavioural Study of MANET Routing Protocols by using NS-2”,in IJCEM International Journal of Computational Engineering & Management, Vol. 12, April 2011; Publication Year: 2011.

[26] Seungjin Park, Seong-Moo Yoo, “An efficient reliable one-hop broadcast in mobile ad hoc networks,” Ad Hoc Networks, vol. 11, Issue 1, Jan. 2013, pp. 19-28.
