Analytical Termination of Malicious Nodes (ATOM): An Intrusion Detection System for Detecting Black Hole attack in Mobile Ad Hoc Networks

The decentralized administration and the lack of an appropriate infrastructure causes the MANET prone to attacks. The attackers play on the vulnerable characteristics of the MANET and its underlying routing protocols such as AODV, DSR etc. to bring about a disruption in the data forwarding operation. Hence, the routing protocols need mechanisms to confront and tackle the attacks by the intruders. This research introduces the novel host-based intrusion detection system (HIDS) known as analytical termination of malicious nodes (ATOM) that systematically detects one of the most significant black hole attacks that affects the performance of AODV routing protocol. ATOM IDS performs detection by computing the RREP count (Route Reply) and the packet drop value for each individual node. This system has been simulated over the AODV routing protocol merged with the black hole nodes and the resultant simulation scenario in NS2 has been generated. The trace obtained shows a colossal increase in the packet delivery ratio (PDR) and throughput. The results prove the efficacy of the proposed system.

     

A time stamp-based algorithm to improve security and performance of mobile ad hoc network

Mobile ad hoc network is open medium and infrastructure-less network. Mobile ad hoc network is susceptible to various security attacks such as, black hole attack, gray hole attack, bad mouthing attack, sybil attack and worm hole attack due to open medium, infrastructure-less features and lack of in-built security. In black hole attack and gray hole attack, attacker falsely sends route reply and dropped data packets received from source node. Due to these attacks, performance of mobile ad hoc network decreases. This paper proposes a time stamp-based algorithm which is an enhanced version of existing IDSNAODV algorithm. Proposed algorithm modifies existing palling process to validate identity of observer nodes using a time stamp-based approach. Based on defined set of rules and recorded activities report, source node decides the nature of target node. The performance of proposed algorithm is evaluated using the network simulator. The proposed algorithm shows improved performance for packet delivery ratio, throughput and routing overhead as compared to existing algorithm.

     

An EDRI-based approach for detecting and eliminating cooperative black hole nodes in MANET

Mobile Ad hoc Network (MANET) is a self-configurable, self-maintenance network with wireless, mobile nodes. Special features of MANET like dynamic topology, hop-by-hop communications and open network boundary, made security highly challengeable in this network. From security aspect, routing protocols are highly vulnerable against a wide range of attacks like black hole. In black hole attack malicious node injects fault routing information to the network and leads all data packets toward it-self. In this paper, we proposed an approach to detect and eliminate cooperative malicious nodes in MANET with AODV routing protocol. A data control packet is used in order to check the nodes in selected path; also, by using an Extended Data Routing Information table, all malicious nodes in selected path are detected, then, eliminated from network. For evaluation, our approach and a previous work have been implemented using Opnet 14 in different scenarios. Referring to simulation results, the proposed approach decreases packet overhead and delay of security mechanism with no false positive detection. In addition, network throughput is improved by using the proposed approach.     

A Novel Robust Routing Scheme Against Rushing Attacks in Wireless Ad Hoc Networks

Standard on-demand routing protocols in wireless ad hoc networks were not originally designed to deal with security threats. Because of that, malicious users have been finding ways to attack networks. Rushing attacks represent one of such possibilities. In these attacks, malicious nodes forward the Route Request (RREQ) packets, asking for a route, to the destination node quicker than the legitimate nodes do. This is possible because the legitimate nodes only forward the first received RREQ packet for a given route discovery. Besides, the attackers can tamper with either the Medium Access Control or routing protocols to get faster processing. As a result, the path through the malicious nodes is chosen, which renders throughput degradation. We propose here a novel, robust routing scheme to defend ad hoc networks against rushing attacks. Our scheme utilizes the “neighbor map mechanism” to establish robust paths as far as rushing attacks are concerned. The proposed scheme also improves path recovery delay by using, whenever it is possible, route maintenance rather than route discovery. Yet, it is energy efficient. The simulation results show that our proposal is indeed viable.     

Defense against Sybil attacks and authentication for anonymous location-based routing in MANET

In MANET, providing authentication and security to location-based routing is a big task. To overcome this problem, in this paper, we proposed a defense against Sybil attacks and authentication for anonymous location-based routing in MANET. Each random forwarder has a table of RSS values estimated from the previous message exchanges across a zone to detect the Sybil attack. The difference in RSS values of two neighboring nodes is estimated based on which the node’s arrival angle into the zone is detected. Depending on the arrival angle, the nodes can be categorized as safety zone and caution zone. The messages exchanged between the RFs and senders can be protected by means of group signature. Finally, misrouting packet drop attack is detected and eliminated by using ant colony optimization technique. By simulation results, we show the proposed technique reduces the packet drop due to attacks, thereby increasing the delivery ratio.     

A Shoelace-Based QoS Routing Protocol for Mobile Ad Hoc Networks Using Directional Antenna

In this paper, we propose a new quality-of-service (QoS) routing protocol for mobile ad hoc network (MANET) using directional antennas. The proposed scheme offers a bandwidth-based routing protocol for QoS support in MANET using the concept of multi-path. Our MAC sub-layer adopts the CDMA-over-TDMA channel model. The on-demand QoS routing protocol calculates the end-to-end bandwidth and allocates bandwidth from the source node to the destination node. The paths are combined with multiple cross links, called shoelace, when the network bandwidth is strictly limited. Due to the property of the directional antenna, these cross links can transmit data simultaneously without any data interference. We develop a shoelace-based on-demand QoS routing protocol by identifying shoelaces in a MANET so as to construct a QoS route, which satisfied the bandwidth requirement, more easily. The shoelace-based route from the source to the destination is a route whose sub-path is constructed by shoelace structure. With the identified shoelaces, our shoelace-based scheme offers a higher success rate to construct a QoS route. Finally, simulation results demonstrate that the proposed routing protocol outperform existing QoS routing protocols in terms of success rate, throughput, and average latency.     

Interference Aware Route Discovery in Wireless Mobile Ad Hoc Networks

In this paper, we propose an interference aware expanding region search algorithm to locate a destination in mobile ad hoc networks. In the proposed approach, signal to interference plus noise ration (SINR) is used in place of TTL field of a route request packet. The source node initializes the search query with a threshold value of SINR. Each relay node forwards the packet if its SINR satisfies the threshold criteria provided by the source node in RREQ packet. As a result, the low SINR nodes are removed in route discovery phase prior to the establishment of routes. The simulation results show that proposed algorithm provides significant improvement in performance of reactive routing protocol in terms of reduced routing overhead, reduced energy consumption, and increased network throughput.

     

Mobile ad hoc network proactive routing with delay prediction using neural network

Existing MANET routing protocols rely heavily on hop count evaluation. Although this is simple and efficient, it sacrifices the potential performance gains obtainable by considering other dynamic routing metrics. In this paper, we propose a delay prediction mechanism and its integration with a MANET proactive routing protocol. We demonstrate our approach of predicting mean queuing delay as a nonstationary time series using appropriate neural network models: Multi-Layer Perceptron or Radial Basis Function. To support MANET proactive routing, our delay prediction mechanism is devised as a distributed, independent, and continuous neural network training and prediction process conducted on individual nodes. We integrated our delay prediction mechanism with a well-known MANET proactive routing protocol—OLSR. The essential part of this integration is our TierUp algorithm, which is a novel node-state routing table computation algorithm. The structure and the key parameters of the resulting extended OLSR, called OLSR_NN, are also discussed. Our simulation shows that because of its capability of balancing the traffic, OLSR_NN is able to increase data packet delivery ratio and reduce average end-to-end delay in scenarios with complex traffic patterns and wide range of node mobility, compared to OLSR.     

A secure and trust based on-demand multipath routing scheme for self-organized mobile ad-hoc networks

A mobile ad hoc network (MANET) is a self-configurable network connected by wireless links. This type of network is only suitable for provisional communication links as it is infrastructure-less and there is no centralized control. Providing QoS and security aware routing is a challenging task in this type of network due to dynamic topology and limited resources. The main purpose of secure and trust based on-demand multipath routing is to find trust based secure route from source to destination which will satisfy two or more end to end QoS constraints. In this paper, the standard ad hoc on-demand multi-path distance vector protocol is extended as the base routing protocol to evaluate this model. The proposed mesh based multipath routing scheme to discover all possible secure paths using secure adjacent position trust verification protocol and better link optimal path find by the Dolphin Echolocation Algorithm for efficient communication in MANET. The performance analysis and numerical results show that our proposed routing protocol produces better packet delivery ratio, reduced packet delay, reduced overheads and provide security against vulnerabilities and attacks.     

Route Stability Based QoS Routing in Mobile Ad Hoc Networks

To provide high quality communications service among mobile wireless devices is basically a challenging task in wireless ad hoc networks. In this paper, we propose a Route Stability based QoS Routing (RSQR) protocol in Mobile Ad Hoc Networks (MANETs) which is an extension of QoS routing with throughput and delay constraints. Ensuring a data path to be valid for sufficiently longer period of time is a very difficult problem in MANET due to its highly dynamic nature. We propose a simple model for computing link stability and route stability based on received signal strengths. By including some extra fields in route request/reply packets, the route stability information can be utilized to select a route with higher stability among all the feasible routes between a given source destination pair. Further, inclusion of a signal strength based admission control enhances the performance of the routing. Results of our experiments show performance improvements in terms of packet delivery ratio, control overhead and average end-to-end delay in comparison with a QoS routing protocol proposed by Q. Xue and A. Ganz.     

Performance evaluation of mobile ad hoc networks under flooding‐based attacks

A mobile ad hoc network (MANET) is an open wireless network that comprises a set of mobile, decentralized, and self‐organized nodes. Its properties render its environment susceptible to different types of attacks, which can paralyze the mobile nodes in MANET. A particularly dangerous type of attack is run primarily under flooding bogus packet mechanisms, such as hello floods, routing table overflows, exploitation of node penalizing schemes, and resource consumption attack (RCA). Flooding‐based attacks impose severe effects because they are intended to consume MANET resources, such as bandwidth, node memory, and battery power. Therefore, identifying such effects facilitates the development of countermeasures against the intrusions. In this paper, we introduce a simulation‐based study on the effects of RCA on MANET. Qual Net v5.0.2 is used to examine the severity of the effects on MANET performance metrics in terms of throughput, end‐to‐end delay, energy consumption, and routing overhead. The effects of RCA are also monitored under two combinations of four factors: we first vary the number of attackers and attackers' positions, and then modify the attackers' radio range and flooding rate. We also examine the effect of flooding mechanism on the energy consumed by resource consumption attackers. Copyright © 2013 John Wiley & Sons, Ltd.     

Security Through Collaboration and Trust in MANETs

It is well understood that Mobile Ad Hoc Networks (MANETs) are extremely susceptible to a variety of attacks, and traditional security mechanisms do not work well. Many security schemes have been proposed that depend on cooperation amongst the nodes in a MANET for identifying nodes that are exhibiting malicious behaviors such as packet dropping, packet modification, and packet misrouting. We argue that in general, this problem can be viewed as an instance of detecting nodes whose behavior is an outlier when compared to others. In this paper, we propose a collaborative and trust-based outlier detection algorithm that factors in a node??s reputation for MANETs. The algorithm leads to a common outlier view amongst distributed nodes with a limited communication overhead. Simulation results demonstrate that the proposed algorithm is efficient and accurate.     

FPN‐SAODV: using fuzzy petri nets for securing AODV routing protocol in mobile Ad hoc network

In this paper, we use fuzzy Petri nets (FPNs) to propose a secure routing protocol in mobile ad hoc network. The proposed method is based on secure ad hoc on‐demand distance vector (SAODV), which is named FPN‐SAODV. In FPN‐SAODV routing protocol, for each packet delivery or firing each transition, a type of bidirectional node‐to‐node fuzzy security verification is conducted that can be carried out with five security threshold levels. This inference uses four fuzzy variables that have been selected to well represent the malicious behaviors of some public attacks in mobile ad hoc network. Furthermore, a through route security verification has been used for selecting the most secure route among each candidate path through source node to destination. Both of these verifications utilize FPN inherent features for their operation. For evaluation purpose, we used the metrics such as packet delivery ratio, end‐to‐end delay, average security level of the nodes, and percentage of true/false detector nodes. These metrics have been used for investigating the inner operation of FPN‐SAODV as determining the proper level of security threshold level in node‐to‐node security verification module. Also, these are used for comparison of FPN‐SAODV performance versus the original AODV. Copyright © 2015 John Wiley & Sons, Ltd.     

移动Adhoc网络中按需路由协议的安全性改进方案

在移动Adhoc网络中,安全性是保证其可用性的一个重要方面.文章提出了一种针对按需路由协议的安全性改进方案,这种方案采用了对邻居节点的身份即时认证、对远端节点按需认证、匿名寻找路由,逐跳加密传输的机制,能够有效地阻止恶意节点对网络的窃听、篡改等攻击,确保网络路由信息的安全.     

ARMR: Anonymous routing protocol with multiple routes for communications in mobile ad hoc networks

A mobile ad hoc network consists of mobile nodes that communicate in an open wireless medium. Adversaries can launch analysis against the routing information embedded in the routing message and data packets to detect the traffic pattern of the communications, thereby obtaining sensitive information of the system, such as the identity of a critical node. In order to thwart such attacks, anonymous routing protocols are developed. For the purposes of security and robustness, an ideal anonymous routing protocol should hide the identities of the nodes in the route, in particular, those of the source and the destination. Multiple routes should be established to increase the difficulty of traffic analysis and to avoid broken paths due to node mobility. Existing schemes either make the unrealistic and undesired assumption that certain topological information about the network is known to the nodes, or cannot achieve all the properties described in the above. In this paper, we propose an anonymous routing protocol with multiple routes called ARMR, which can satisfy all the required properties. In addition, the protocol has the flexibility of creating fake routes to confuse the adversaries, thus increasing the level of anonymity. In terms of communication efficiency, extensive simulation is carried out. Compared with AODV and MASK, our ARMR protocol gives a higher route request success rate under all situations and the delay of our protocol is comparable to the best of these two protocols.     

Applying trust enhancements to reactive routing protocols in mobile ad hoc networks

Due to the characteristics of mobile ad hoc networks, such networks are more susceptible to the destruction of malicious attacks or denial of cooperation. It would be easy for an adversary or a malicious node to launch attacks on routing function, especially attacks on packet routing. In order to mitigate these hazards, we incorporate the concept of ‘trust’ into MANETs, and abstract a decentralized trust inference model. The core of this model is trust computation, which is divided into two parts: historical trust assessment and trust prediction. We can quantify a node’s historical trust based on its historical behaviors via introducing multiple trust attributes. The fuzzy AHP method based on entropy weights is used to calculate the weight of trust attributes. By making use of the obtained historical trust data sequence, we propose an improved dynamic grey-Markov chain prediction measure to effectively estimate node’s trust prediction. In order to verify the validity of our trust model, we propose a trust-enhanced unicast routing protocol and a trust-enhanced multicast routing protocol, respectively. Both of the two new protocols can provide a feasible approach to kick out the untrustworthy nodes and choose the optimal trusted routing path. Moreover, the new proposed data-driven route maintenance mechanisms can reduce the routing overhead. The persuasive experiments have been conducted to evaluate the effectiveness of the new proposed trust-enhanced routing protocols in the aspects of packets delivery ratio, end-to-end latency, malicious node detection and attack resistance.     

Moralism: mobility prediction with link stability based multicast routing protocol in MANETs

In recent research, link stability is getting tremendous attention in mobile adhoc networks (MANETs), because of several impediments that occur in a reliable and robust network. Link stability metric is used to improve network performance in terms of end-to-end delay, data success delivery ratio (DSDR) and available route time (ART). Energy consumption, bandwidth and communication delay of major concern in ad hoc networks. A high mobility of MANET nodes reduces the reliability of network communication. In a dynamic networks, high mobility of the nodes makes it very difficult to predict the dynamic routing topology and hence cause route/link failures. Multicast in MANETs is an emerging trend that effectively improves the performance while lowering the energy consumption and bandwidth usage. Multicast routing protocol transmits a packet to multicast a group at a given time instant to achieve a better utilization of resources. In this paper, node mobility is considered to map better their movement in the network. So, the links with long active duration time can be identified as a stable link for route construction. Variation in signal strength is used to identify whether the direction of the node is towards or away from estimating node. We consider signal strength as QoS metric to calculate link stability for route construction. Efforts are made to identify the link with highly probable longer lifetime as the best suitable link between two consecutive nodes. We predict the movement time of nodes that define the route path to the node destination. Exata/cyber simulator is used for network simulation. The simulation results of the proposed routing protocol are compared with on-demand multicast routing protocol and E-ODMRP, which works on minimum hop count path. Analysis of our simulation results has shown improvement of various routing performance metrics such as DSDR, ART, routing overhead and packet drop ratio.     

移动自组网络中多径路由的匿名安全

多路径为移动自组网络提供的容错、负载均衡与QoS支持较单路径更有效可行,所以在战术无线自组网等类似系统中采用多径路由策略更能满足系统的实际需求.另外,这类系统对安全性的要求除了基本的通信内容机密、完整与可用等特性外,还要求通信者的身份与位置对敌人保密,为通信者及其使命提供保护.鉴于现有的移动自组网络的匿名路由协议都不是实用的多径路由协议,且未能有效防御被动攻击、拜占庭行为以及匿名的不充分性,本文设计了一种新型安全匿名的多径路由协议,其特点是:在移动自组网络中采用单私钥多公钥密码体制、Bloom Filter与轻型洋葱盲化算法,来实现通信者身份匿名、位置隐藏与路由不可追踪;为源节点提供充分的路由信息,基于充分的信息使用强化学习算法来提高系统抵御被动攻击与拜占庭攻击等路由安全攻击的能力,并增强数据传输的可靠性.通过仿真与分析,显示了算法有较好的性能并达到了所定义的匿名安全要求.     

Trust Based Detection and Elimination of Packet Drop Attack in the Mobile Ad-Hoc Networks

The mobile ad hoc network (MANET) is communication network of a mobile node without any prior infrastructure of communication. The network does not have any static support; it dynamically creates the network as per requirement by using available mobile nodes. This network has a challenging security problem. The security issue mainly contains a denial of service attacks like packet drop attack, black-hole attack, gray-hole attack, etc. The mobile ad-hoc network is an open environment so the working is based on mutual trust between mobile nodes. The MANETs are vulnerable to packet drop attack in which packets travel through the different node. The network while communicating, the node drops the packet, but it is not attracting the neighboring nodes to drop the packets. This proposed algorithm works with existing routing protocol. The concept of trusted list is used for secure communication path. The trusted list along with trust values show how many times node was participated in the communication. It differentiates between altruism and selfishness in MANET with the help of energy level of mobile components. The trust and energy models are used for security and for the differentiation between altruism and selfishness respectively.     

认知无线网络中基于主用户行为的联合路由和信道分配算法

针对认知无线网络中主用户行为将导致频谱瞬时变化而影响路由稳定性的问题,提出了一种基于主用户行为的路由和信道联合分配算法。该算法通过采用呼叫模型对主用户行为建模,并根据动态源路由协议的路由寻找机制,在目的节点等待多个路由请求分组后选择受主用户行为影响最小的路由,然后沿着所选定路径的反方向传送路由回复分组并完成信道分配。理论分析证明了算法中的链路平均持续时间期望与主用户活动概率成反比且具有与网络节点数成正比的计算复杂度。仿真结果表明,该算法具有比Gymkhana路由方案更高的分组投递率和更低的平均分组时延。