Analytical Termination of Malicious Nodes (ATOM): An Intrusion Detection System for Detecting Black Hole attack in Mobile Ad Hoc Networks

The decentralized administration and the lack of an appropriate infrastructure causes the MANET prone to attacks. The attackers play on the vulnerable characteristics of the MANET and its underlying routing protocols such as AODV, DSR etc. to bring about a disruption in the data forwarding operation. Hence, the routing protocols need mechanisms to confront and tackle the attacks by the intruders. This research introduces the novel host-based intrusion detection system (HIDS) known as analytical termination of malicious nodes (ATOM) that systematically detects one of the most significant black hole attacks that affects the performance of AODV routing protocol. ATOM IDS performs detection by computing the RREP count (Route Reply) and the packet drop value for each individual node. This system has been simulated over the AODV routing protocol merged with the black hole nodes and the resultant simulation scenario in NS2 has been generated. The trace obtained shows a colossal increase in the packet delivery ratio (PDR) and throughput. The results prove the efficacy of the proposed system.

     

An EDRI-based approach for detecting and eliminating cooperative black hole nodes in MANET

Mobile Ad hoc Network (MANET) is a self-configurable, self-maintenance network with wireless, mobile nodes. Special features of MANET like dynamic topology, hop-by-hop communications and open network boundary, made security highly challengeable in this network. From security aspect, routing protocols are highly vulnerable against a wide range of attacks like black hole. In black hole attack malicious node injects fault routing information to the network and leads all data packets toward it-self. In this paper, we proposed an approach to detect and eliminate cooperative malicious nodes in MANET with AODV routing protocol. A data control packet is used in order to check the nodes in selected path; also, by using an Extended Data Routing Information table, all malicious nodes in selected path are detected, then, eliminated from network. For evaluation, our approach and a previous work have been implemented using Opnet 14 in different scenarios. Referring to simulation results, the proposed approach decreases packet overhead and delay of security mechanism with no false positive detection. In addition, network throughput is improved by using the proposed approach.     

Security and performance enhancement of AODV routing protocol

A mobile ad hoc networks (MANET) is a decentralized, self‐organizing, infrastructure‐less network and adaptive gathering of independent mobile nodes. Because of the unique characteristics of MANET, the major issues to develop a routing protocol in MANET are the security aspect and the network performance. In this paper, we propose a new secure protocol called Trust Ad Hoc On‐demand Distance Vector (AODV) using trust mechanism. Communication packets are only sent to the trusted neighbor nodes. Trust calculation is based on the behaviors and activities information of each node. It is divided in to trust global (TG) and trust local (TL). TG is a trust calculation based on the total of received routing packets and the total of sending routing packets. TL is a comparison between total received packets and total forwarded packets by neighbor node from specific nodes. Nodes conclude the total trust level of its neighbors by accumulating the TL and TG values. The performance of Trust AODV is evaluated under denial of service/distributed denial of service (DOS/DDOS) attack using network simulator NS‐2. It is compared with the Trust Cross Layer Secure (TCLS) protocol. Simulation results show that the Trust AODV has a better performance than TCLS protocol in terms of end‐to‐end delay, packet delivery ratio, and overhead. Next, we improve the performance of Trust AODV using ant algorithm. The proposed protocol is called Trust AODV + Ant. The implementation of ant algorithm in the proposed secure protocol is by adding an ant agent to put the positive pheromone in the node if the node is trusted. Ant agent is represented as a routing packet. The pheromone value is saved in the routing table of the node. We modified the original routing table by adding the pheromone value field. The path communication is selected based on the pheromone concentration and the shortest path. Trust AODV + Ant is compared with simple ant routing algorithm (SARA), AODV, and Trust AODV under DOS/DDOS attacks in terms of performance. Simulation results show that the packet delivery ratio and throughput of the Trust AODV increase after using ant algorithm. However, in terms of end‐to‐end delay, there is no significant improvement. Copyright © 2014 John Wiley & Sons, Ltd.     

Black Hole Attack Prevention in Wireless Peer-to-Peer Networks: A New Strategy

Mobile peer-to-peer networking (MP2P) is a relatively new paradigm compared to other wireless network technologies. In the last 10–15 years, it has gained tremendous popularity because of its usefulness in applications such as file sharing over the Internet in a decentralized manner. Security of mobile P2P networks represents an open research topic and a main challenge regarding the vulnerability of these networks and their convenience to different security attacks such as black hole, Sybil, etc. In this work, we analyze the black hole attack in wireless P2P networks using the AODV as the routing protocol. In a black hole attack, a malicious node assumes the identity of a legitimate node, by creating forged answers with a higher sequence number, and thus forces the victim node to prioritize it as a relay node. We propose a solution based on a modification of the AODV routing protocol, taking into account the behavior of each node participating in the network. The performances of our proposal are evaluated by simulation.

     

DEBH: detecting and eliminating black holes in mobile ad hoc network

Security in mobile ad hoc network (MANET) is one of the key challenges due to its special features e.g. hop-by-hop communications, dynamic topology, and open network boundary that received tremendous attention by scholars. Traditional security methods are not applicable in MANET due to its special properties. In this paper, a novel approach called detecting and eliminating black holes (DEBH) is proposed that uses a data control packet and an additional black hole check table for detecting and eliminating malicious nodes. Benefiting from trustable nodes, the processing overhead of the security method decreases by passing time. Ad hoc on-demand distance vector (AODV) routing protocol is used as the routing protocol in our design. After finding the freshest path using AODV, our design checks the safety of selected path. In case of detecting any malicious node, it is isolated from the entire network by broadcasting a packet that contains the ID of malicious nodes. Simulation results show that DEBH increases network throughput and decreases packet overhead and delay in comparison with other studied approaches. Moreover, DEBH is able to detect all active malicious nodes which generates fault routing information.     

Efficient on-demand routing for mobile ad hoc wireless access networks

In this paper, we consider a mobile ad hoc wireless access network in which mobile nodes can access the Internet via one or more stationary gateway nodes. Mobile nodes outside the transmission range of the gateway can continue to communicate with the gateway via their neighboring nodes over multihop paths. On-demand routing schemes are appealing because of their low routing overhead in bandwidth restricted mobile ad hoc networks, however, their routing control overhead increases exponentially with node density in a given geographic area. To control the overhead of on-demand routing without sacrificing performance, we present a novel extension of the ad hoc on-demand distance vector (AODV) routing protocol, called LB-AODV, which incorporates the concept of load-balancing (LB). Simulation results show that as traffic increases, our proposed LB-AODV routing protocol has a significantly higher packet delivery fraction, a lower end-to-end delay and a reduced routing overhead when compared with both AODV and gossip-based routing protocols.     

无线传感器网络路由协议的设计与实现

针对传统路由协议端到端时延长、丢包率过高的现实问题,提出了一种基于贪婪转发的能量感知多路径路由协议(Greedy Forward Energy-aware Multipath Routing Protocol,GFEMRP)。GFEMRP从传感器起始结点出发,如果遇到网络黑洞则选择周边转发方式,否则将选择吞吐量大、且更接近于目的结点的结点作为下一跳结点。利用了OMNET++5.0和INET框架对包括无线自组网按需平面距离向量路由协议(Ad hoc on-demand distance vector routing protocol,AODV),动态按需无线自组织网络(Dynamic MANET On-demand,DYMO),贪婪周边无状态路由无线网络(Greedy Perimeter Stateless Routing for Wireless Networks,GPSR)和GFEMRP协议在内的四种路由协议进行了仿真和比较,实验结果表明GFEMRP协议具有良好的端到端时延、丢包率等性能。     

路由信息的攻击对AODV协议性能的影响分析

AODV协议是移动自组网络中一种按需反应的表驱动路由协议。在移动自组网中，每个节点既是计算机又是路由器，容易遭受基于路由信息的网络攻击，而现今的路由协议基本没有考虑到该问题。本文在分析移动自组网中针对路由信息主要攻击方法的基础上，建立了主动性和自私性两个攻击模型，并且在AODV协议中扩充实现了这两类攻击行为。通过对模拟结果的分析和比较，讨论了路由信息的攻击对AODV协议性能的影响，并进一步探讨了针对基于路由信息攻击的防御措施。     

A Scalable-Adaptive Snack Routing Strategy (SRS) for Semi-Administrated Mobile Ad Hoc Networks (SAMANETs)

Recently, Mobile Ad Hoc networks (MANETs) are growing in popularity and importance. They present a possible communication among a set of mobile nodes with no need for either a pre-established infrastructure or a central administration. However, in order to guarantee an efficient communication among network nodes, efficient routing algorithms should be established. Routing plays the central role in providing ubiquitous network communications services in such dynamic networks. The problem is further aggravated through the node mobility as any node may move at any time without notice. Several routing protocols had been proposed; however, most of them suffer from control packet flooding, which results in a scalability problem. In this paper, a new routing strategy for MANETs is proposed which is called Snack Routing Strategy (SRS). The basic idea of SRS is to continuously inform the network mobile nodes with any changes in the network topology without overloading the network by a huge amount of control messages. SRS is a hybrid routing strategy that relies on Learning by accumulation, hence, new routes can be discovered by learning the accumulative data stored in the nodes routing tables by several foraging artificial snacks. SRS uses no periodic routing advertisement messages but uses artificial snacks instead, thereby reducing the network bandwidth overhead and minimizing end-to-end transmission delay. SRS has been compared against two well known protocols AODV and DSR. Experimental results have shown that SRS outperforms both AODV and DSR as it introduces the minimal routing overheads.     

ARMR: Anonymous routing protocol with multiple routes for communications in mobile ad hoc networks

A mobile ad hoc network consists of mobile nodes that communicate in an open wireless medium. Adversaries can launch analysis against the routing information embedded in the routing message and data packets to detect the traffic pattern of the communications, thereby obtaining sensitive information of the system, such as the identity of a critical node. In order to thwart such attacks, anonymous routing protocols are developed. For the purposes of security and robustness, an ideal anonymous routing protocol should hide the identities of the nodes in the route, in particular, those of the source and the destination. Multiple routes should be established to increase the difficulty of traffic analysis and to avoid broken paths due to node mobility. Existing schemes either make the unrealistic and undesired assumption that certain topological information about the network is known to the nodes, or cannot achieve all the properties described in the above. In this paper, we propose an anonymous routing protocol with multiple routes called ARMR, which can satisfy all the required properties. In addition, the protocol has the flexibility of creating fake routes to confuse the adversaries, thus increasing the level of anonymity. In terms of communication efficiency, extensive simulation is carried out. Compared with AODV and MASK, our ARMR protocol gives a higher route request success rate under all situations and the delay of our protocol is comparable to the best of these two protocols.     

Security upgrade against RREQ flooding attack by using balance index on vehicular ad hoc network

VANET is an ad hoc network that formed between vehicles. Security in VANET plays vital role. AODV routing protocol is a reactive or on-demand routing protocol which means if there is data to be send then the path will create. AODV is the most commonly used topology based routing protocol for VANET. Using of broadcast packets in the AODV route discovery phase caused it is extremely vulnerable against DOS and DDOS flooding attacks. Flooding attack is type of a denial of service attack that causes loss of network bandwidth and imposes high overhead to the network. The method proposed in this paper called Balanced AODV (B-AODV) because it expects all network node behave normally. If network nodes are out of the normal behavior (too much route request) then they identified as malicious node. B-AODV is designed with following feature: (1) The use of adaptive threshold according to network conditions and nodes behavior (balance index) (2) Not using additional routing packets to detect malicious nodes (3) Perform detection and prevention operations independently on each node (4) Perform detection and prevention operations in real time (5) No need for promiscuous mode. This method for detection and prevention flooding attack uses average and standard deviation. In this method each node is employing balance index for acceptation or rejection RREQ packets. The results of the simulation in NS2 indicates B-AODV is resilience against flooding attack and prevent loss of network bandwidth. Comparing between AODV with B-AODV in normal state (non-attacker) shows B-AODV is exactly match with AODV in network performance, this means that the B-AODV algorithm does not impose any overhead and false positive to AODV.     

RMRPTS: a reliable multi-level routing protocol with tabu search in VANET

Vehicular ad hoc network (VANET), a subclass of mobile ad hoc networks (MANETs), is a promising approach for the intelligent transportation system (ITS). One of the main challenges in VANETs is establishment of vehicular communication and stable routing. Another problem of VANETs is their tendency of being trapped in a local optimum. In this paper, a reliable multi-level routing protocol based on clustering, RMRPTS has been introduced in VANETs. Even if this topology constantly changes, clustering based multi-level routing will create the possibility of self-organization and route maintaining; moreover, it will solve the problem of developing a trap in the local optimum using tabu search. At the first level, the proposed protocol is an extension of AODV routing protocol that has been improved using fuzzy logic in order to create reliable routing between cluster members. Tabu search has been used at a higher level for routing between cluster heads and destination. Tabu search is a meta-heuristic improved learning method used for solving hybrid optimization problems, and it uses cost function to select a solution among a set of possible solutions. The effective parameters used in the proposed method to select the best path include nodes distance, the velocity of nodes, node’s angle, link stability, and link reliability. The proposed protocol was simulated using an NS-2 simulator, and the results of its performance showed increased average packet delivery rate and decreased average end to end delays, number of packet losses compared with earlier protocols.     

MANET路由与路由安全问题

移动自组网MANET(Mobile Ad Hoc Networks)是一种新型的无线移动网络,由于它具有开放的媒质、动态的拓扑、分布式合作以及网络能力受限等特点,因此特别容易受到攻击。路由安全是MANET安全中的重要一环。介绍了移动自组网的路由协议以及面临的路由安全问题,重点分析了AODV路由协议的寻路过程以及其存在的安全问题之一———黑洞。在分析了一些已有解决方案存在的缺点的基础上,提出了一种新的解决方案,该方案有效地解决了黑洞问题,并消除了已有方案存在的漏洞。     

Mobile node aware opportunistic routing in dynamic wireless sensor network

Opportunistic routing (OR) could adapt to dynamic wireless sensor networks (WSNs) because of its inherent broadcast nature. Most of the existing OR protocols focus on the variations of propagation environment which are caused by channel fading. However, a few works deal with the dynamic scenario with mobile nodes. In this paper, a mobile node (MN) aware OR (MN-OR) is proposed and applied to a WSN in the high-speed railway scenario where the destination node is deployed inside a high speed moving train, and the MN-OR not only considers the mobility of node but also utilizes the candidate waiting time induced by the timer-based coordination scheme. Specifically, to reduce the number of duplicate transmissions and mitigate the delay of information transmission, a new selection strategy of the candidate forwarders is presented. In addition, two priority assignment methods of the candidate forwarders are proposed for the general relay nodes (GRNs) and the rail-side nodes (RSNs) according to their different routing requirements. Extensive simulation results demonstrate that the proposed MN-OR protocol can achieve better network performances compared with some existing routing schemes such as the well-known Ad-hoc on-demand distance vector routing (AODV) and the extremely opportunistic routing (ExOR) protocols.     

Deploying power‐aware on‐demand (PAOD) schemes over routing protocols of mobile wireless ad hoc networks

A mobile ad hoc network (MANET) is an autonomous collection of mobile nodes that communicate over relatively bandwidth‐constrained wireless links. MANETs need efficient algorithms to determine network connectivity, link scheduling, and routing. An important issue in network routing for MANETs is to conserve power while still achieve a high packet success rate. Traditional MANET routing protocols do not count for such concern. They all assume working with unlimited power reservoirs. Several ideas have been proposed for adding power‐awareness capabilities to ad hoc networks. Most of these proposals tackle the issue by either proposing new power‐aware routing protocols or modifying existing routing protocols through the deployment of power information as cost functions. None of them deal with counter‐measures that ought to be taken when nodes suffer from low power reserves and are subject to shut down in mid of normal network operations. In this paper, power‐awareness is added to a well‐known traditional routing protocol, the ad hoc on‐demand distance vector (AODV) routing protocol. The original algorithm is modified to deal with situations in which nodes experience low power reserves. Two schemes are proposed and compared with the original protocol using different performance metrics such as average end‐to‐end delays, transmission success rates, and throughputs. These schemes provide capabilities for AODV to deal with situations in which operating nodes have almost consumed their power reserves. Copyright © 2005 John Wiley & Sons, Ltd.     

DOA: DSR over AODV Routing for Mobile Ad Hoc Networks

We present a lightweight hierarchical routing model, Way Point Routing (WPR), in which a number of intermediate nodes on a route are selected as waypoints and the route is divided into segments by the waypoints. Waypoints, including the source and the destination, run a high-level intersegment routing protocol, while the nodes on each segment run a low-level intrasegment routing protocol. One distinct advantage of our model is that when a node on the route moves out or fails, instead of discarding the whole original route and discovering a new route from the source to the destination, only the two waypoint nodes of the broken segment have to find a new segment. In addition, our model is lightweight because it maintains a hierarchy only for nodes on active routes. On the other hand, existing hierarchical routing protocols such as CGSR and ZRP maintain hierarchies for the entire network. We present an instantiation of WPR, where we use DSR as the intersegment routing protocol and AODV as the intrasegment routing protocol. This instantiation is termed DSR over AODV (DOA) routing protocol. Thus, DSR and AODV—two well-known on-demand routing protocols for MANETs—are combined into one hierarchical routing protocol and become two special cases of our protocol. Furthermore, we present two novel techniques for DOA: one is an efficient loop detection method and the other is a multitarget route discovery. Simulation results show that DOA scales well for large networks with more than 1,000 nodes, incurring about 60 percent-80 percent less overhead than AODV, while other metrics are better than or comparable to AODV and DSR.     

Applying trust enhancements to reactive routing protocols in mobile ad hoc networks

Due to the characteristics of mobile ad hoc networks, such networks are more susceptible to the destruction of malicious attacks or denial of cooperation. It would be easy for an adversary or a malicious node to launch attacks on routing function, especially attacks on packet routing. In order to mitigate these hazards, we incorporate the concept of ‘trust’ into MANETs, and abstract a decentralized trust inference model. The core of this model is trust computation, which is divided into two parts: historical trust assessment and trust prediction. We can quantify a node’s historical trust based on its historical behaviors via introducing multiple trust attributes. The fuzzy AHP method based on entropy weights is used to calculate the weight of trust attributes. By making use of the obtained historical trust data sequence, we propose an improved dynamic grey-Markov chain prediction measure to effectively estimate node’s trust prediction. In order to verify the validity of our trust model, we propose a trust-enhanced unicast routing protocol and a trust-enhanced multicast routing protocol, respectively. Both of the two new protocols can provide a feasible approach to kick out the untrustworthy nodes and choose the optimal trusted routing path. Moreover, the new proposed data-driven route maintenance mechanisms can reduce the routing overhead. The persuasive experiments have been conducted to evaluate the effectiveness of the new proposed trust-enhanced routing protocols in the aspects of packets delivery ratio, end-to-end latency, malicious node detection and attack resistance.     

多跳蜂窝网互连性研究

将Ad Hoc网络与蜂窝网融合首要解决的问题是Ad Hoc如何接入蜂窝网,多数方案使用的是移动IP。提出了一种基于扩展Ad Hoc路由协议的多跳转发网络方案。Ad Hoc多种路由协议中可以实现Ad Hoc网络与蜂窝网互连的只有DSDV,但在移动场景中的低性能限制了它的发展。AODV是Ad Hoc路由协议中最有前途的协议,但它并不支持Ad Hoc节点接入基站的路由搜索。研究对AODV协议进行改进,以使它能支持移动节点到固定基站以及有线网络的寻路。     

Adding sense of spatial locality to routing protocols for mobile ad hoc networks

Recently, there has been an increasing interest in mobile ad hoc networks. In a mobile ad hoc network, each mobile node can freely move around and the network is dynamically constructed by collections of mobile nodes without using any existing network infrastructure. Compared to static networks, it faces many problems such as the inefficiency of routing algorithms. Also, the number of control packets in any routing algorithm increases as the mobile speed or the number of mobile nodes increases. Most of the current routing protocols in ad hoc networks broadcast the control packets to the entire network. Therefore, by reducing the number of control packets, the efficiency of the network routing will be improved. If we know where the destination is, we can beam our search toward that direction. However, without using global positioning systems, how can we do this? Define the range nodes as the 1‐hop or 2‐hop neighbors of the destination node. In this paper, we propose using the range nodes to direct our searches for the destination. It can be combined with the existing routing protocols to reduce the control overhead. We show through simulations that AODV and DSR combined with the range node method outperforms the original AODV and DSR routing protocols in terms of control packets overhead. We also show that the delay introduced in find range nodes is insignificant. Copyright © 2006 John Wiley & Sons, Ltd.     

Scalability enhancement of AODV using local link repairing

Dynamic change in the topology of an ad hoc network makes it difficult to design an efficient routing protocol. Scalability of an ad hoc network is also one of the important criteria of research in this field. Most of the research works in ad hoc network focus on routing and medium access protocols and produce simulation results for limited-size networks. Ad hoc on-demand distance vector (AODV) is one of the best reactive routing protocols. In this article, modified routing protocols based on local link repairing of AODV are proposed. Method of finding alternate routes for next-to-next node is proposed in case of link failure. These protocols are beacon-less, means periodic hello message is removed from the basic AODV to improve scalability. Few control packet formats have been changed to accommodate suggested modification. Proposed protocols are simulated to investigate scalability performance and compared with basic AODV protocol. This also proves that local link repairing of proposed protocol improves scalability of the network. From simulation results, it is clear that scalability performance of routing protocol is improved because of link repairing method. We have tested protocols for different terrain area with approximate constant node densities and different traffic load.