Documentos de Académico
Documentos de Profesional
Documentos de Cultura
6, June 2012
Journal of Global Research in Computer Science
RESEARCH ARTICLE
Available Online at www.jgrcs.info
Abstract- The nature of self-organization and the limitation of individual resources, MANET always confront security and selfishness issues. In
this thesis, we design trusted routing protocols using trusted frame works and intrusion detection system (secure protocol) f or MANET. Trust
combination algorithms and trust mapping functions are provided in this model, where the former can aggregate different opinions together to
get a new recommendation opinion. Based on this trust model, we design our trusted routing protocols for MANET called TAODV on top of Ad
Hoc On-demand Distance Vector (AODV) routing protocol. We extend the routing table and the routing messages of ADOV with trust
information which can be updated directly through monitoring in the neighborhood. When performing trusted routing discovery, unlike those
cryptographic schemes that perform signature generation or verification at every routing packet, we just combine the recommen ded opinions
together and make a routing judgment based on each element of the new opinion. In this way the computation overhead can be largely reduced,
and the trustworthiness of the routing procedure can be guaranteed as well. In this thesis, we implement the security and sel fishness issues of
wireless networks, either in non-cooperative form or in cooperative form. Our results show that the cumulative utilities of cooperative nodes are
increased steadily and the selfish nodes cannot get more utilities by behaving selfishly than cooperatively.
Keywords- MANET, AODV, Security, Trusted AODV.
INTRODUCTION
Many security schemes from different aspects of MANET
have been proposed in order to protect the routing
information or data packets during communications, such as
secure routing protocols and secure key management
solutions. Due to resource scarcity (battery power, memory,
and processing power) of nodes, securing MANET is quite
different from traditional schemes that generally involve
management and safe keeping of a small number of private
and public keys. The security mechanism for MANET, on
one hand, must require low computation complexity and a
small number of appended messages to save the node
energy. On the other hand, it should also be competitive and
effective in preventing misbehaviors or identifying
misbehaving nodes from normal ones. However, most of
these schemes assume that there are trusted third parties or
centralized servers who are responsible for issuing digital
certificates and keys or monitoring the behaviors of other
nodes. Centralized servers or trusted parties make the
network more controllable but they destroy the self
organizing nature of MANET and reduce the network
scalability. Even some schemes distribute the servers into
many nodes; there are still bottlenecks due to centralization.
If the scheme distributes the functions of servers into each
node of the network, it will introduce significant
performance overhead. Whats more, by requiring nodes to
generate and verify digital signatures all the time, these
solutions often bring huge computation overhead [1] and [2]
and [3]. Therefore, we need a self-organized light-weight
security scheme for mobile ad hoc networks.
In our work to be described in the thesis, we focused on
designing a secure routing mechanism for MANET in a selforganized way instead of using centralized servers. Our
solution is introducing the idea of trust to solve this
problem. Based on this trust model, we design our secure
routing protocol for MANET according to Ad hoc On JGRCS 2010, All Rights Reserved
Pankaj Sharma et al, Journal of Global Research in Computer Science, 3 (6), June 2012, 107-114
Pankaj Sharma et al, Journal of Global Research in Computer Science, 3 (6), June 2012, 107-114
Pankaj Sharma et al, Journal of Global Research in Computer Science, 3 (6), June 2012, 107-114
Theoretical Analysis:
From the performance point of view, our trusted routing
protocol introduces less computation overheads than other
security solutions for MANETs. Our design does not need to
perform cryptographic computations in every packet, which
will cause huge time and performance consumption. After
the trust relationships are established, the subsequent routing
operations can be performed securely according to trust
information instead of acquiring certificate authentication all
the time. Therefore, TAODV routing protocol improves the
performance of security solutions. Unlike some previous
security schemes, whose basis of routing operations is
blind distrust, TAODV does not decrease the efficiency of
routing discovery and maintenance. In detail, we analyze the
computation overhead of TAODV from two aspects. One is
the cost of each trust combination and update operation. The
other is the number of trust combination and update
operations when given a certain volume of data load.
The cost of trust combination is O(v), where v is the number
of a nodes neighbors. Each trust combination needs a
constant number of multiplications, where the length of
factor is 16 bit. Hence the overall cost of each trust
combination requires O (162v) bit operations. For security
solutions employing digital signature authentication, we use
the RSA signature scheme for example to measure the
computation cost of signature generation and verification. In
general when using a 2k-bit RSA signature, the generation
of signature requires O(k3) bit operations and the
verification requires O(k2) bit operations, where k is
recommended at least to be 1024 bits for most security
applications. We can conclude from this aspect that TAODV
achieves better computation performance compared to the
pure signature authentication solutions.
On the other hand, we compare the times of performing
digital authentication and trust updating when given a
certain traffic volume. The digital authentication scheme
usually needs to generate or verify signature for every
routing message. While in TAODV protocol, with the help
of expiry time of trust values, the trust updating times can be
significantly reduced. Let us assume that the total number of
routing packets propagated in the whole network is n, the
110
Pankaj Sharma et al, Journal of Global Research in Computer Science, 3 (6), June 2012, 107-114
Values
Examined Protocol
AODV, TAODV
Traffic type
Transmission range
100 m
Packet size
1024 bytes
Data rate
100 kb/s
Pause time
Minimum speed
Simulation time
Area
10 s
1m/s
900s
100X100 m
Pankaj Sharma et al, Journal of Global Research in Computer Science, 3 (6), June 2012, 107-114
That means for example that the group of the selfish nodes
in the 20% case is a superset of the group of the selfish in
the 10% case. Thus, that ensures that the impediments
present in lower percentage selfish nodes runs are also
present in higher percentage selfish nodes runs. After using
the trusted frame work and IDS in AODV then the overall
system called Trusted AODV. The graph 3 and 4 described
the selfish nodes and intrusion detection system in AODV
respectively.
Intrusion Detection System graph in AODV:
Performance Analysis:
In order to compare the performance of Trusted AODV
(TAODV) and normal AODV, both protocols are run under
identical mobility and traffic scenarios. First, an analysis of
normal well-behaved AODV network is done. Then, some
uncooperative nodes are introduced to the normal AODV
network and analysis of the performance is done. Following
JGRCS 2010, All Rights Reserved
e.
Pankaj Sharma et al, Journal of Global Research in Computer Science, 3 (6), June 2012, 107-114
Network Throughput:
The below figure 8 shows the results of the network
throughput of both protocols: normal AODV and TAODV
with different node speed and different percentages of
selfish nodes. From the 6.7 graph it is clear that the lack of
cooperation has fatal effect on the efficient working of the
network. This graph shows the dramatic fall in normal
AODVs network throughput with increasing percentage of
selfish nodes. The different curves show a network of 150
nodes with different percentages of selfish nodes, from 0%
up to 30%, and moving at different speeds. Here are some
points that can be observed in this graph:
In the case that there are no selfish nodes in the mobile ad
hoc network, both AODV and TAODV have almost
identical network throughput values. This proves that the
TAODV protocol is as efficient as AODV in delivering the
packets and discovering routes to any destination.
Pankaj Sharma et al, Journal of Global Research in Computer Science, 3 (6), June 2012, 107-114
[6].
[7].
[8].
[9].
[10].
[11].
[12].
[2].
[3].
[4].
114