routing protocol
Content
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
SECURE ROUTING PROTOCOLS IN MOBILE ADHOC NETWORKS-A SURVEY AND TAXANOMY
1
UMANG SINGH Asstt Prof., Department of Information Technology, I.T.S Management & IT Institute, Ghaziabad (U.P), India E-mail: [email protected], [email protected]
1
ABSTRACT Mobile Ad hoc Networks are assortment of mobile terminals or nodes, allowing no stationary infrastructure and centralized administration. A performance evaluation of routing protocol is very cumbersome due to various metrics involving dynamic topologies, mobility, routing limited resources, security etc. In this paper, various existing routing protocols were reviewed. It has been analyzed that efficiency of existing routing protocol degrades in the presence of attacks. Keeping in various attacks reports in literature and the protocol security algorithm; this paper attempts to review all such secure routing protocols comparing their relative metric and requirements. Keywords: Adhoc Network, Routing, Classification, Attacks, Secure Routing Protocols.
1. INTRODUCTION
Ever increasing days, Mobile ad hoc network is becoming the latest thrust era for researchers. MANET (Mobile Ad Hoc NETworks) is an autonomous system [1][2] and also assortment of various cooperative mobile terminals. Such networks are multihop, self organizing and self configuring network. In present scenario, there are currently two variations of mobile wireless networks [3][4][5]. The first kind is known as the infrastructure networks or Base Stations. These network communicates with the nearest base station which lies with in the range. Typical applications of this type of network include office Wireless Local Area Networks (WLANs) [6]. The second type of wireless network is called as infrastructure less mobile network, commonly known as an Ad hoc Network. Due to no stationary infrastructure, all nodes can move freely, topology may change rapidly and unpredictably over time, and nodes have to form their own mutual infrastructures. Example of MANET applications[7][8] include law enforcement operations, automated military applications, Disaster relief applications, interactive lectures or conferences, Intelligent buildings, logistics etc. In adhoc network, finding a path between two hosts using routing protocol is a very herculean task due to their highly dynamic topology, absence of centralized administration [1]. Designing of routing protocol in adhoc network 9
depends various factors like mobility, bandwidth, resource constraint, hidden and exposed terminal problems etc. Thus, routing protocol is structured for purposes such as fully distributed, adaptive frequent and stable topology, loop free and minimum number of collisions. The rest of this paper is organized as follows. In Section 2, we present revolution of existing routing protocols and focus of security characteristics to make them secure. Section 3 presents involvement of attacks in adhoc networks. Section4 discusses various existing secure routing protocol which are used to prevent attacks and other routing related problems. Conclusion is presented in future work.
2. COMPREHENSIVE SURVEY ON
ROUTING PROTOCOLS: Mobile ad hoc network does not rely [2-8] upon any fixed support infrastructure. By varying distance, connectivity and disconnectivity of nodes can be controlled. So, routing is very important issue in adhoc networks. Each node in the network must be able to take care of routing of the data and can discover multihop paths. B.S. Manoj et. al has categorized routing protocols based on methodologies such as (i) routing information update (ii) temporal information for routing (iii)Routing topology[9] (iv) Utilization of specific resources. This paper focuses categorization of routing protocol based on topology
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
concept which can be divided into three types as follows: (i) Proactive Routing Protocol (ii) Reactive Routing Protocol (iii) Hybrid Routing protocol. Table-driven routing protocols [10] (proactive routing) information periodically advertise to all nodes for maintaining up-to-date view of the network. Each node maintains information of other nodes in the routing tables and regularly updates information when node moves. So, these protocols are not suitable for large networks. And on-demand routing protocols (reactive routing) only discovers a new route when it is required to. Hybrid routing protocols maintains an efficient balance between both categories of protocols [1][3][5][7]. Nodes within a certain distance from the node concerned, or with in a particular geographical region, are said to be with in the routing zone of the given node. For routing within this zone, a table driven approach is used. where as nodes that are located beyond this zone, an on demand approach is used. Table-driven schemes are more expensive in terms of energy consumption as compared to the on demand schemes because of the large routing overhead incurred in the former. Hence, the ondemand approach is preferable for designing minimum energy routing protocols. Fig2 presents the detailed classification of routing protocols in mobile adhoc networks which mainly focuses on security feature for improving the performance of network. 3 CLASSIFICATION OF ROUTING PROTOCOLS: TABLE DRIVEN ROUTING PROTOCOLS: Such routing protocols are also known as proactive routing. Its concept is based on the periodic exchange of control messages which are sent locally or in throughout the network. Thus a route is frequently available when required. DSDV,LSP, R-DSDV,FSR(Fish State Routing),CGSR(Cluster head gateway search routing),OLSR(Optimized link state routing),HSR(Hierarchical State Routing),TBRPF (Topology based reverse path forwarding),DREAM(Distance Routing effect algorithm for mobility),STAR(Source Tree adaptive routing protocol) etc. are examples of table driven routing protocols. i.DSDV (Destination sequenced distance-vector routing protocol): DSDV [11][12] is an enhancement of Bellman Ford algorithm. Updation in table and sequence number leads to prevent problem like loops and count to infinity problem. In this mechanism, routes to all destinations are readily available at every node at all times. The tables are exchanged between
neighbors at regular intervals to keep up-to-date view of the network. Neighbor node use missing transmissions to detect broken links in the topology. When a broken link is found, it is assigned a metric value of infinity and the node that detected broken link broadcasted an update packet, to inform others that the link is chosen. ii. R-DSDV: It is an enhancement of DSDV and known as randomized version of Destination Sequenced distance vector [13]. It uses congestion control mechanism using probabilistic model. iii. LSP (Link State Protocol): This protocol [14] is based on link state algorithm and it is proactive in nature. It reduces the size of messages during transmission which controls flooding. It uses optimal number of hops in the entire network. iv. FSR (Fish State Routing): This protocol [15] based on the link state routing. FSR was designed to reduce message overhead in dynamic environment. Link state routing information broadcast the updated information throughout the network where as in FSR, routing information is disseminated. In this, node rapidly shares information with its nearest neighborhoods and less frequently with distant nodes. Thus it alleviates problem of message overhead but it increases bandwidth issue when node density increases. v. CGSR (Cluster head Gateway Search Routing): This protocol [16] is designed to provide effective membership and traffic management. It is based on distance vector routing protocol. In this protocol, the whole network can be partitioned into clusters. And each cluster maintains one cluster head and at least one gateway node. By using the concept of cluster, it reduces the size of table as compared to distance vector protocol. But the maintenance of cluster structure is a very difficult in CGSR. vi. OLSR (Optimized Link State Routing): This protocol is an enhancement [1] of LSR and follows the concept of multi point relays. Nodes regularly broadcast beacon messages to its one hop neighbors, which include the list of neighbors to which a link exists. vii.TBRPF (Topology based reverse path forwarding): TBRPF [17] is based on link state algorithm. It uses tree topology and dijkstra algorithm concepts to minimize overhead and increase robustness. Its Reverse path forwarding process is applicable to large networks which greatly decreases collision and traffic.
10
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
viii.DREAM (Distance Routing Effect Algorithm for Mobility): It is a proactive [18] routing protocol that follows the concept of directional flooding to forward data packets. Thus there will be multiple copies of each packet at the same time. This increases probability of using the optimal path; however, it decreases its scalability in large scale networks. REACTIVE OR ON DEMAND ROUTING PROTOCOLS: Such protocols are superior to proactive routing protocols and are reactive in nature, known as dynamic routing protocols. These protocols are based on on-demand route discoveries. Thus route are determined when they are required by the source node. i DSR: It is known [1][8] as source routing protocol. This protocol is particularly designed for use in multihop wireless adhoc networks. It maintains two mechanisms: Route Discovery: When a source node S (initiator) sends a packet to destination node (target node) D, it searches a possible route in its route cache. In this process, It stores discovered routes in route cache. Route discovery requires 7 fields during this process such as sourceid, destid, ReqID, Addresslist, Hoplimit, NetworkInterfaceList, Acknowledgment list. Initially source node contains address list as empty and RREQ message contains 3 fields as source ID, destination ID, Unique RREQ ID. Then source node broadcasts the message with in transmission range. Moreover, source node also maintains a replica of send message in its buffer which is known as send buffer. Time frame plays major important factor. Packets can be dropped (i) if buffer is overflow or (ii) route is not discovered with in specified time. When a node receives a RREQ message and itself it is detonate node then reverse process generated otherwise it searches its own route cache for a route to the target. And node id is added in the address list and again RREQ is broadcasted. Route Maintenance: To maintain this process, it is essential to maintain the routes that are stored in the route cache. ii AODV (Adhoc on demand distance vector routing): This protocol [19] is mixture of DSR and DSDV routing protocol. It uses route discovery process same as DSR make use of hop by hop routing like DSDV. It differs with DSR in the way that it does not store the information of entire route in its buffer. And Route maintenance is same as DSDV. 11
iii FORP(Flow Oriented Routing Protocol): FORP[1][3][5] is an on demand routing protocol and it is based on pure flooding mechanism. Moreover it maintains prediction based multi-hop handoff mechanism. This attempt is used to reduce the effect of communication failure. Its route request process is same as DSR. Additionally, each node that receives flow_req calculates link expiration time (LET). Due to this, destination could easily know when route is about to expire. If it expires, Destination node generated a Handoff message and propagated it by flooding. When source node receives this message, it can easily identify the optimal path to handoff. Then the source send flow_setup message along the newly chosen route. This protocol generates scalability problem in large networks. iv TORA: TORA [1][5][7] is distributed, dynamic and multihop routing protocol. It is based on the directed link reversal algorithms. This protocol is better than FORP in terms of efficiency, adaptability, scalability for large, dense mobile networks. This protocol is designed to minimize reaction to topological changes at a very low rate. v ABR (Associativity based routing protocol): This protocol [1][3][5][7] is based on source initiated on demand routing. It is also known as distributed long lived routing protocol for adhoc networks. Due to this feature, this protocols results higher attainable throughput. This protocols deals with fault tolerance when base station fails. vi PLBR (Preferred Link Based Protocol): This protocol minimizes control overhead by using subset of preferred list. Selection of this list can be based on degree of node. vii SSA (Signal Stability Based Adaptive Routing Protocol): It is an [3] on demand routing protocol and consider signal stability as a prime factor. In this signal strength is used to rectify a link as stable or unstable. SSA provides more stable routes as compared with shortest path routing protocols such as DSR and AODV. This protocol provides good link stability as compared to other protocols. HYBRID ROUTING PROTOCOL: i ZRP: (Zone Routing Protocol) It is known as hybrid zone routing protocol [5][7]. Such protocols are suitable for large area networks by adjusting the transmission range of nodes. The configuration of routing protocol is based on both proactive and reactive routing protocol. ii CEDAR (Core Extraction Distributed Adhoc Routing Protocol): It supports QoS
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
[1][3][5][7] reliable mechanism and based on extracting core nodes in the network. It employs a
distributed algorithm to select core nodes
Solution
Fig1: Classification of Routing Protocol[1] . Preferred Issue Basic Approach Protocol Used
Example
Watchdog & Pathrater (Colluding Mis Relay Attack) Black hole ,DoS Attacks Secure Routing Protocols
By Adding Monitoring components(for improving throughput) Cryptography
No provision when node collides, Limited Transmission Power, False Positives, Partial Dropping Expensive
DSR,OLSR,AODV
DSDV AODV DSR
SEAD, ARAN, SAR,CORE, PrAODV, SPREAD ARIADNE
Confirmation Deals with reliable AODV from neighbors groups only Guard Node Trust Not provide solution for AODV Calculation route selection Process Threat Model Divide node More Complex DSR into 4 types Table1: Secure Routing Protocols: Solution of Existing Network Layer Attacks listed in fig.1 Existing Secure Routing protocol: To meet the recent and rapidly increasing demand in decentralized environments like mobile ad hoc networks (MANETS)[36] the need for a secure 12 routing protocol becomes inevitable so that the attacks such as malicious routing misdirection, black hole, gray hole, denial of service etc. can be averted[37].
FREQ/FRREP
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
i Secure Link State Protocol: This protocol [38] provides secure proactive topology discovery which is beneficial for network operation. It is known as stand alone and self contained link state discovery protocol. It is responsible for securing the route discovery and distribution of link state information. This protocol is robust against Dos and Byzantine adversaries. But this protocol is still vulnerable to colluding attackers and other attackers. ii SEAD (Secure Efficient Adhoc Distance Vector Routing Protocol): It is[39] based on DSDV routing protocol. This protocol is used to guard against Denial of Service by using one way hash functions. It provides limited CPU processing capability. Long lived routing loops can be reduced by using destination sequence numbers. These destination sequence numbers provide replay protection of routing update messages in SEAD. iii SAODV: It is an enhancement over AODV [1][40] routing protocol that utilizes security feature like integrity and authentication. It uses digital signature to authenticate non mutable field of messages and hash chains to secure hop count information. IPSec provides secure network transmission in MANET for data messages. And digital signature is used when a RREQ is sent between source node to destination node. Primarily, sender node signs the message and intermediate node verifies the signature before generating of reverse route to the host. And destination node signs the RREP to its private key. iv CONFIDANT (Cooperation of nodes fairness in dynamic adhoc network): this algorithm[41] is enhancement of DSR routing and based on selection of selfish and unselfish nodes. Trust and routing calculation process is evaluated by experience, observation and behavior of other nodes, present in the network. It identifies routing misbehavior and maintains the provision of correct forwarding and traffic diversion. v ARAN : ARAN[42] is on demand secure routing protocol an it relies on digital certificates. By using certificate process, it provides authentication, message integrity and non repudiation. Thus it provides end to end guarantee during message delivery between source and destination. ARAN is capable of defending itself against spoofing, fabrication, modification, DoS and disclosure attacks. This protocol does not perform well when it is authenticated by selfish node itself and it also leads to wastage of bandwidth. vi ARIADNE: It is secure on [43] demand routing protocol and it is based on TESLA concept. 13
TESLA is an efficient authentication scheme that requires loose time synchronization. Firstly it verifies route authenticity and secondly it checks that no node is missing on RREQ message. It is vulnerable to an attacker that happens to be along the discovered route. This routing can authenticate any three schemes: (i) Shared secrets between each pair of nodes (ii) Shared secrets between communicating nodes combined with broadcast authentication or digital signatures. Ariadne needs the security association between the initiator every node including intermediate node and the source node. ARIADNE prevents attackers with uncompromised routes and also prevents many types of Denial-of-Service attacks. But it can not defend against active 1-1 attack. vii ENDAIRA: It is an improved version [44] of ARIADNE and provides solution where ARIADNE fails. It is based on provision on public key system concept. But it can not defend against man in middle attack. So further there is introduced another secure on demand routing protocol known as ENDIARA Loc. viii ENDAIRALoc: This protocol [44] provides solution over man in middle attack as well as wormhole attack. It uses location information of node to resist this attack. It uses pair wise secret keys i.e. symmetric key mechanism rather than public key mechanism. As a result, energy consumption reduces effectively. ix PrAODV: It is an enhancement of an AODV [45] routing. It uses prediction based routing to reduce route breakages which improves the performance. It maintains two additional parameter in RREP message of AODV such as velocity and location information. These parameters help to calculate predicted link value by which source node can easily predict lifetime of a node. x CORE: Michiardi and Molva has introduced this approach [46]. Suggested algorithm relies on DSR routing. It follows reputation mechanism for monitoring of the cooperativeness of nodes. This mechanism uses the nodes’ reputation to forward packets through reliable nodes. xi SAR: It is an extension of AODV [47] routing protocol. This protocol considers trust level mechanism to take efficient and secure routing decision. In this a node can find a path through nodes with a particular shared key. It shares symmetric encryption key concept among the nodes. SAR increase overhead due to calculation of encryption and decryption process at each node. It can be implemented using any routing protocol.
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
xii BISS (Building Secure Routing out of an Incomplete Set of Security Associations)[1][48]: In this only the destination has security associations established with all nodes on the selected route. The sender will authenticate route nodes directly through security associations and indirectly the nodes which it does not have security associations. The suggested algorithm reduces length ratio. Authentication process can be done by using message authentication codes and digital signatures. It follows RREQ process, same as Ariadne. xiii TIARA (Techniques for Intrusionresistant, Ad Hoc Routing Algorithms)[49]: This protocol is used to protect against Resource depletion attack, Flow disruption attack, Route hijacking. This algorithm can be used with any other existing routing protocol. xiv SRP (Secure Routing Protocol): It is an on demand[50] routing protocol. It can discover all possible paths between two nodes. The sole assumption of the protocol is that at the beginning, all the nodes share a group key K and can be trusted. This algorithm is suitable for various applications like military and emergency situations. xv SPREAD (Security Protocol for Reliable data delivery): It provides data confidentiality [51] security service in routing protocols. It uses secret sharing scheme between neighboring nodes to strengthen data confidentiality. It overcomes the problem of eavesdropping and colluded attacks. xvi AODV-SEC: It is an improved version[52] of SAODV and extension of AODV routing protocol. It uses PKI as a trust anchor for node identification using X.509 certificates. X.509 version of AODV-SEC does not scale if the traffic load increases. It may be due to the cryptographic mechanisms. Although researchers [53-56][57-59] have designed security extensions for several existing protocols, many of which remove performance optimizations. Table4 illustrates the classification of secure routing protocols and also discuss issues of each protocol till date. Secure Categor Essential Routing y Requirements Protocol ARAN Reactive Online Trusted (2004) Certification RARAN Authority (2005) SAR Reactive Key Distribution or (2004) secret sharing mechanism SRP Reactive Existence of a 14
(2002)
SEAD (2003) CONFIDA NT (2002) ARIADNE (2002) ENDAIRA ENDAIRA Loc SAODV (2002) TIARA (2000) BISS (2003)
Proactiv e Reactive
security association between each source and destination Clock Synchronization Trust calculation
Reactive Reactive Reactive Reactive Reactive Reactive
TESLA Public Key System Symmetric Key Mechanism Online Key Management Scheme Online Public Key Infrastructure Provision of Shared Secret Key Mechanism Mobile gateways
PrAODV Reactive (2004) SPREAD Hybrid Threshold Secret (2004) Sharing AODVReactive X.509 Certificate SEC (2006) SLSP Proactiv TTP (2003) e Table 2: Classification of Secure Routing Protocol against attacks listed in Fig.1 Unfortunately, there is no proper protocol available in the literature which can manage to withstand all these attacks. Designing efficient routing protocols that provide both high security and high network performance is still a focus of recent research in this field. 4. CONCLUSION In this paper, an attempt is made to discuss various routing protocols and attacks that exist in adhoc networks. They were further categorized based on TCP/IP model. The paper presents the solution for further attacks (both passive and active) which were implemented in network layer. Various security metrices were also discussed. REFRENCES: [1]C. Siva Ram Murthy and B. S. Manoj, “Ad Hoc Wireless Networks, Architectures and Protocols,” first Indian reprint 2005,pearson publication. ISBN 81-297-0945-7 [2]Henrik Lundgren“Implementation and experimental evaluation of wireless ad hoc
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
routing protocol,” Acta Universitet upsaliensis-uppsala,2005. [3]C.E.Perkins, “Ad hoc Networking” ,Addison Wesley , 2001. [4]C.K.Toh, “Adhoc Mobile wireless networks: Protocols and Systems”, Prentice Hall ,New Jersy,2002. [5]Dr. Yogesh Chaba and Naresh Kumar Medishetti, “ Routing protocols in Mobile Ad hoc Networks-A Simulation Study Final”, JCS Vol1,No.1, August 2005. [6]Jim Geier, Wireless System Architecture: How Wireless Works.http://www.ciscopress.com/articles/arti cle.asp?p=344242&rl=1 [7]Aftab Ahmad, “Wireless And Mobile Data Networks”, Wiley Interscience, 2005. [8]E.M. Royer and C-K Toh, “A Review of Current Routing Protocols for Ad-hoc mobile wireless networks”, IEEE Personal Communications, April 1999. [9]Paolo Santi “Topology Control in Wireless Ad hoc and Sensor Networks”,John Wiley & Sons.Ltd,2005. [10]D. B. Johnson, “Routing in ad hoc networks of mobile hosts,” in Proc.IEEEWorkshop Mobile Computing Systems and Applications, Dec. 1994, pp. 158–163. [11]C.E. Perkins and P. Bhagwat, “Highly Dynamic Destination-Sequenced DistanceVector Routing (DSDV) for Mobile Computers,” Comp. Commun. Rev., Oct. 1994. [12]C. E. Perkins and P. Bagwig, “Highly dynamic destination-sequenced distance-vector routing (DSDV) for mobile computers,” in Proc. SIGCOMM’94 Conf. Communications Architectures, Protocols and Applications, pp. 234–244. [13]Azzedine Boukerche, Sajal K. Das, Alessandro Fabbri, “ Message traffic control capabilities of the R-DSDV protocol in mobile ad hoc networks”, In MSWIM '01: Proceedings of the 4th ACM international workshop on Modeling, analysis and simulation of wireless and mobile systems (2001), pp. 105-112. [14] Jacquet, P. and Clausen, T. and Laouiti, A. and Qayyum, A. and Viennot, Optimized link state routing protocol for ad hoc networks. IEEE International Multi Topic Conference . L. (2001). [15]A SCALABLE LOCATION SERVICE FOR GEOGRAPHIC AD HOC NETWORKS JUN LIU; WEI GUO; BAI LONG XIAO; FEI HUANG “MECHATRONICS AND AUTOMATION”, 2005 15
IEEE INTERNATIONAL CONFERENCE VOLUME 2, ISSUE , 29 JULY-1 AUG. 2005 PAGE(S): 831 836 VOL. 2 [16] Xiaoyan Hong, Kaixin Xu, and Mario Gerla, “ Scalable Routing Protocols for Mobile Ad Hoc Networks, 0890-8044/95/$05.00 2002 © IEEE Network [18] Liana Khamis Qabajeh, Dr. Miss Laiha Mat Kiah, Mohammad Moustafa Qabajeh, “ A Qualitative Comparison of Position-Based Routing Protocols for Ad-Hoc Networks”, IJCSNS International Journal of Computer Science and Network Security, VOL.9 No.2, February 2009 [19] C. Perkins, “Ad-hoc on-demand distance vector routing,” in MILCOM ’97 panel on Ad Hoc Networks., Nov. 1997. [20] Guevara Noubir, “On Connectivity in Ad hoc Networks under jamming using directional antennas and mobility”.http://www.ccs.neu.edu/home/noubi r/publications/N04.pdf [21] Anand Patwardhan,Jim Parker,Anupam Joshi, “Secure routing and Intrusion detection in Adhoc Networks”. http://www.csrc.nist.gov/groups/SNS/mobile_ security/documents/mobile_agents/nist-umbcadhocids-ipv6.pdf. [22] Raja Mahmood, R.A. Khan, A.I. , “ A survey on detecting black hole attack in AODVbased mobile ad hoc networks “,978-1-42441828-2@IEEE2007 [23] Stefano Marano, Vincenzo Matta, Lang Tong, “Distributed detection in the presence of Byzantine attacks”, ISSN:1053-587X ,IEEE Transactions,2009 [24] Bing Wu, Jianmin Chen, Jie Wu and Mihaela Cardei, “A Survey of Attacks and Countermeasures in Mobile Ad Hoc Networks”, Signals and Communication Technology, Wireless Network Security, 10.1007/978-0-387-33112-6_5, 2007 Springer [25] Bo Sun, Kui Wu, Udo W. Pooch. Alert aggregation in mobile ad hoc networks. Proc. ACM workshop on Wireless security, 2003. [26] M. Drozda, H. Szczerbicka. Artificial Immune Systems: Survey and Applications in Ad Hoc Wireless Networks. Proc. 2006 International Symposium on Performance Evaluation of Computer and Telecommunication Systems (SPECTS'06), pp. 485-492, Calgary, Canada, 2006. [27] J.-F. Raymond, “Traffic Analysis: Protocols, Attacks, Design Issues and Open Problems,” Proc. Workshop on Design Issues in
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
Anonymity and Unobservability, Berkeley, CA, July 2000, pp. 7-26. [28]Rashid Hafeez Khokhar, Md. Asri Ngadi and Satria Mandala, “A Review of Current Routing Attacks in Mobile Adhoc Networks”, International Journal of Computer Science and Security,Volume(2)issue(3). [29] Haining Wang,Danlu Zhang,Kang G.Shin “Detecting SYN Flooding Attack”, http://www.cs.wm.edu/~hnw/paper/attack.pdf [30] Udaya Kiran Tupakula Vijay Varadharajan,“A Practical Method to Counteract Denial of Service Attacks”,Information and Networked System Security Research, 2003, Australian Computer Society, Inc. [31] Computer Emergency Response Team. “CERT Advisory CA-2000-01 Denial- Of-Service Developments”.http://www.cert.org/advisorie s/CA-2000-01.html, Jan.2000. [32] Computer Emergency Response Team. “CERT Advisory CA-1999-17Denial-of-Service Tools”. http://www.cert.org/advisories/CA1999-17.html.[33] D.Dittrich: “The stacheldraht” distributed denial of service attacktool”. http://staff.washington.edu/dittrich/misc/stach eldraht.analysis.txt, Dec.1999. [34] D.Dittrich: “The Tribe Flood Network distributed denial of service attack tool”.http://staff.washington.edu/dittrich/misc/ tfn.analysis,Oct.1999. [35] Umang Singh, M.N.Hoda, “Mitigating attacks in Routing Protocol”, Proceedings of the national conference Computing for Nation Development, INDIACom-2007,Feb 2324,2007. [36] Vincent D. Park and M.Scott Corson, “ Temporally –Ordered Routing Algorithm(TORA) version1:Functionalspecification.Internet-Draft,draft-ietf-manettora-spec-00.txt,Novenber 1997.Work in Progress [37] David Lundberg Ad hoc Protocol Evaluation and Experiences of Real World Ad Hoc Networking, Department of Information Technology, Uppsala University, Sweden [38] Panagiotis Papadimitratos, Zygmunt J. Haas “ Secure Link State Routing for Mobile Ad Hoc Networks”, Applications and the Internet Workshops, 2003. Proceedings. 2003 Symposium on 27-31 Jan. 2003 Page(s):379 383,ISBN: 0-7695-1873-3 [39] Yih-Chun Hu ,David B. Johnson , Adrian Perrig “SEAD: secure efficient distance vector routing for mobile wireless ad hoc 16
[40]
[41]
[42]
[43]
[44]
[45]
[46]
[47]
[48]
[49]
networks”, 1570-8705/$ 2003 Published by Elsevier B.V. doi:10.1016/S15708705(03)00019-2 Manel Guerrero Zapata:"Secure Ad hoc OnDemand Distance Vector (SAODV) Routing" INTERNET-DRAFT draft-guerrero-manetsaodv-06.txt. September 2006. Sonja Buchegger, JeanYves Le Boudec, “Performance Analysis of the CONFIDANT Protocol (Cooperation Of Nodes: Fairness In Dynamic Adhoc NeTworks)”, MOBIHOC’02, June 911, 2002, EPFL Lausanne, Switzerland. Copyright 2002 ACM 1581135017/ 02/0006 . $5.00. Abdalla Mahmoud Ahmed Sameh Sherif ElKassas, “ Reputed Authenticated Routing for Ad Hoc Networks Protocol (ReputedARAN)” 0-7803-9466-6/05/$20.00 ©2005 IEEE Hu, Yih-Chun, Adrian Perrig, and Dave Johnson. "Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks." In Proceedings of the Eighth Annual International Conference on Mobile Computing and Networking (ACM Mobicom), Atlanta, Georgia, September 23 28, 2002 Jing Liu, Fei Fu, Junmo Xiao and Yang Lu, “ Secure Routing for Mobile Ad Hoc Networks”, 0-7695-2909-7/07 $25.00 © 2007 IEEE DOI 10.1109/SNPD.2007.223 Vinod Namboodiri, Manish Agarwal, Lixin Gao, “A Study on the Feasibility of Mobile Gateways for Vehicular Ad-hoc Networks”, VANET’04, October 1, 2004, Philadelphia, Pennsylvania, USA. Copyright 2004 ACM 158113-922-5/04/0010 K. Mandalas, D. Flitzanis, G. F. Marias, P. Georgiadis, “ A Survey of Several Cooperation Enforcement Schemes for MANETs” 0-7803-9314-7/05/$20.00©2005 IEEE Mohammed Zeshan, Shoab A. Khan, Ahmad Raza Cheema, Attique Ahmed, “Adding Security against Packet Dropping Attack in Mobile Adhoc Networks”, ISBN 978-0-76953480-0 @2008 IEEE Srdjan Capkun, Jean- Pierre Hubaux, “BISS: building secure routing out of an incomplete set of security associations”, ISBN:1-58113-769-9 @ 2003 IEEE. Ranga Ramanujan, Atiq Ahamad, Jordan Bonney, Ryan Hagelstrom, Ken Thurber “ Techniques For Intrusion-Resistant Ad Hoc
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
Routing Algorithms”, 0-7803-65 12-6/$10.00 (C) 2000 IEEE. [50] Yih-Chun Hu, Adrian Perrig, “A Survey of Secure Wireless Ad Hoc Routing” ,May-June 2004@IEEE [51] Wenjing Lou , Wei Liu, Yuguang Fang, “ SPREAD: Enhancing Data Confidentiality in Mobile Ad Hoc Networks”, 0-7803-83567/04/$20.00 (C) 2004 IEEE Security and Privacy, doi:10.1109/MSP.2004.1 [52] Stephan Eichler and Christian Roman, “ Challenges of Secure Routing in MANETs : A Simulative Approach using AODV-SEC”, 1-4244-0507-6/06/$20.00 ©2006 IEEE [53] C. Perkins and P. Bhagwat, “Highly dynamic destination-sequenced distance-vector routing (DSDV) for mobile computers,” in ACM SIGCOMM’94 Conference on Communications Architectures, Protocols and Applications,1994, pp. 234–244. [54] D. B. Johnson and D. A. Maltz, “Dynamic source routing in ad hoc wireless networks,” in Mobile Computing, Imielinski and Korth, Eds. Kluwer Academic Publishers, 1996, vol. 353. [55] Josh Broch,David A. Maltz, David B.Johnson,Yih-Chun Hu,Jorjeta Jetcheva,”A Performance Comparision of Multi-Hop Wireless Ad Hoc Network Routing Protocols,MOBICOM 98 Dallas Texas USA. [56]Vincent D. Park and M.Scott Corson,”Ahighly adaptive distributed routing algorithm for mobile wireless networks.In Proceedings of INFOCOM’97,Airline House,Virginia. Available at http://www.cise.nsf.gov/anir/ww.html [57] Xiaoyan Hong, Mario Gerla, Guangyu Pei, Ching-Chuan Chiang A Group Mobility Model For Ad Hoc Wireless Networks, University Of California. [58]Gianni A. Di Caro “Analysis of simulation environments for mobile ad hoc networks”Technical Report No. IDSIA-24-03 December 2003,IDSIA / USI-SUPSI Dalle Molle Institute for Artificial Intelligence Galleria 2, 6928 Manno, Switzerland. [59] Michael Feeley, Norman Hutchinson, and Suprio Ray Computer Science Department, University of British Columbia, Vancouver, Canada “Realistic Mobility for Mobile Ad Hoc Network Simulation”.
AUTHOR PROFILE: Ms. Umang Singh has received the post graduate degree in computer applications from U.P Technical University, Lucknow (U.P) India in 2003. She is a research student of IPU, Delhi. Currently, she is an Asstt Professor at ITS Management and IT Institute, Ghaziabad, UP. She has received award from CSI delhi chapter in 2008. She has published more than 25 research papers in esteemed national/international conferences and journals. Her interests are in Data management, Information Security, Mobile communications, Vehicular networks, Sensor networks and Adhoc networks.
17
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
SECURE ROUTING PROTOCOLS IN MOBILE ADHOC NETWORKS-A SURVEY AND TAXANOMY
1
UMANG SINGH Asstt Prof., Department of Information Technology, I.T.S Management & IT Institute, Ghaziabad (U.P), India E-mail: [email protected], [email protected]
1
ABSTRACT Mobile Ad hoc Networks are assortment of mobile terminals or nodes, allowing no stationary infrastructure and centralized administration. A performance evaluation of routing protocol is very cumbersome due to various metrics involving dynamic topologies, mobility, routing limited resources, security etc. In this paper, various existing routing protocols were reviewed. It has been analyzed that efficiency of existing routing protocol degrades in the presence of attacks. Keeping in various attacks reports in literature and the protocol security algorithm; this paper attempts to review all such secure routing protocols comparing their relative metric and requirements. Keywords: Adhoc Network, Routing, Classification, Attacks, Secure Routing Protocols.
1. INTRODUCTION
Ever increasing days, Mobile ad hoc network is becoming the latest thrust era for researchers. MANET (Mobile Ad Hoc NETworks) is an autonomous system [1][2] and also assortment of various cooperative mobile terminals. Such networks are multihop, self organizing and self configuring network. In present scenario, there are currently two variations of mobile wireless networks [3][4][5]. The first kind is known as the infrastructure networks or Base Stations. These network communicates with the nearest base station which lies with in the range. Typical applications of this type of network include office Wireless Local Area Networks (WLANs) [6]. The second type of wireless network is called as infrastructure less mobile network, commonly known as an Ad hoc Network. Due to no stationary infrastructure, all nodes can move freely, topology may change rapidly and unpredictably over time, and nodes have to form their own mutual infrastructures. Example of MANET applications[7][8] include law enforcement operations, automated military applications, Disaster relief applications, interactive lectures or conferences, Intelligent buildings, logistics etc. In adhoc network, finding a path between two hosts using routing protocol is a very herculean task due to their highly dynamic topology, absence of centralized administration [1]. Designing of routing protocol in adhoc network 9
depends various factors like mobility, bandwidth, resource constraint, hidden and exposed terminal problems etc. Thus, routing protocol is structured for purposes such as fully distributed, adaptive frequent and stable topology, loop free and minimum number of collisions. The rest of this paper is organized as follows. In Section 2, we present revolution of existing routing protocols and focus of security characteristics to make them secure. Section 3 presents involvement of attacks in adhoc networks. Section4 discusses various existing secure routing protocol which are used to prevent attacks and other routing related problems. Conclusion is presented in future work.
2. COMPREHENSIVE SURVEY ON
ROUTING PROTOCOLS: Mobile ad hoc network does not rely [2-8] upon any fixed support infrastructure. By varying distance, connectivity and disconnectivity of nodes can be controlled. So, routing is very important issue in adhoc networks. Each node in the network must be able to take care of routing of the data and can discover multihop paths. B.S. Manoj et. al has categorized routing protocols based on methodologies such as (i) routing information update (ii) temporal information for routing (iii)Routing topology[9] (iv) Utilization of specific resources. This paper focuses categorization of routing protocol based on topology
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
concept which can be divided into three types as follows: (i) Proactive Routing Protocol (ii) Reactive Routing Protocol (iii) Hybrid Routing protocol. Table-driven routing protocols [10] (proactive routing) information periodically advertise to all nodes for maintaining up-to-date view of the network. Each node maintains information of other nodes in the routing tables and regularly updates information when node moves. So, these protocols are not suitable for large networks. And on-demand routing protocols (reactive routing) only discovers a new route when it is required to. Hybrid routing protocols maintains an efficient balance between both categories of protocols [1][3][5][7]. Nodes within a certain distance from the node concerned, or with in a particular geographical region, are said to be with in the routing zone of the given node. For routing within this zone, a table driven approach is used. where as nodes that are located beyond this zone, an on demand approach is used. Table-driven schemes are more expensive in terms of energy consumption as compared to the on demand schemes because of the large routing overhead incurred in the former. Hence, the ondemand approach is preferable for designing minimum energy routing protocols. Fig2 presents the detailed classification of routing protocols in mobile adhoc networks which mainly focuses on security feature for improving the performance of network. 3 CLASSIFICATION OF ROUTING PROTOCOLS: TABLE DRIVEN ROUTING PROTOCOLS: Such routing protocols are also known as proactive routing. Its concept is based on the periodic exchange of control messages which are sent locally or in throughout the network. Thus a route is frequently available when required. DSDV,LSP, R-DSDV,FSR(Fish State Routing),CGSR(Cluster head gateway search routing),OLSR(Optimized link state routing),HSR(Hierarchical State Routing),TBRPF (Topology based reverse path forwarding),DREAM(Distance Routing effect algorithm for mobility),STAR(Source Tree adaptive routing protocol) etc. are examples of table driven routing protocols. i.DSDV (Destination sequenced distance-vector routing protocol): DSDV [11][12] is an enhancement of Bellman Ford algorithm. Updation in table and sequence number leads to prevent problem like loops and count to infinity problem. In this mechanism, routes to all destinations are readily available at every node at all times. The tables are exchanged between
neighbors at regular intervals to keep up-to-date view of the network. Neighbor node use missing transmissions to detect broken links in the topology. When a broken link is found, it is assigned a metric value of infinity and the node that detected broken link broadcasted an update packet, to inform others that the link is chosen. ii. R-DSDV: It is an enhancement of DSDV and known as randomized version of Destination Sequenced distance vector [13]. It uses congestion control mechanism using probabilistic model. iii. LSP (Link State Protocol): This protocol [14] is based on link state algorithm and it is proactive in nature. It reduces the size of messages during transmission which controls flooding. It uses optimal number of hops in the entire network. iv. FSR (Fish State Routing): This protocol [15] based on the link state routing. FSR was designed to reduce message overhead in dynamic environment. Link state routing information broadcast the updated information throughout the network where as in FSR, routing information is disseminated. In this, node rapidly shares information with its nearest neighborhoods and less frequently with distant nodes. Thus it alleviates problem of message overhead but it increases bandwidth issue when node density increases. v. CGSR (Cluster head Gateway Search Routing): This protocol [16] is designed to provide effective membership and traffic management. It is based on distance vector routing protocol. In this protocol, the whole network can be partitioned into clusters. And each cluster maintains one cluster head and at least one gateway node. By using the concept of cluster, it reduces the size of table as compared to distance vector protocol. But the maintenance of cluster structure is a very difficult in CGSR. vi. OLSR (Optimized Link State Routing): This protocol is an enhancement [1] of LSR and follows the concept of multi point relays. Nodes regularly broadcast beacon messages to its one hop neighbors, which include the list of neighbors to which a link exists. vii.TBRPF (Topology based reverse path forwarding): TBRPF [17] is based on link state algorithm. It uses tree topology and dijkstra algorithm concepts to minimize overhead and increase robustness. Its Reverse path forwarding process is applicable to large networks which greatly decreases collision and traffic.
10
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
viii.DREAM (Distance Routing Effect Algorithm for Mobility): It is a proactive [18] routing protocol that follows the concept of directional flooding to forward data packets. Thus there will be multiple copies of each packet at the same time. This increases probability of using the optimal path; however, it decreases its scalability in large scale networks. REACTIVE OR ON DEMAND ROUTING PROTOCOLS: Such protocols are superior to proactive routing protocols and are reactive in nature, known as dynamic routing protocols. These protocols are based on on-demand route discoveries. Thus route are determined when they are required by the source node. i DSR: It is known [1][8] as source routing protocol. This protocol is particularly designed for use in multihop wireless adhoc networks. It maintains two mechanisms: Route Discovery: When a source node S (initiator) sends a packet to destination node (target node) D, it searches a possible route in its route cache. In this process, It stores discovered routes in route cache. Route discovery requires 7 fields during this process such as sourceid, destid, ReqID, Addresslist, Hoplimit, NetworkInterfaceList, Acknowledgment list. Initially source node contains address list as empty and RREQ message contains 3 fields as source ID, destination ID, Unique RREQ ID. Then source node broadcasts the message with in transmission range. Moreover, source node also maintains a replica of send message in its buffer which is known as send buffer. Time frame plays major important factor. Packets can be dropped (i) if buffer is overflow or (ii) route is not discovered with in specified time. When a node receives a RREQ message and itself it is detonate node then reverse process generated otherwise it searches its own route cache for a route to the target. And node id is added in the address list and again RREQ is broadcasted. Route Maintenance: To maintain this process, it is essential to maintain the routes that are stored in the route cache. ii AODV (Adhoc on demand distance vector routing): This protocol [19] is mixture of DSR and DSDV routing protocol. It uses route discovery process same as DSR make use of hop by hop routing like DSDV. It differs with DSR in the way that it does not store the information of entire route in its buffer. And Route maintenance is same as DSDV. 11
iii FORP(Flow Oriented Routing Protocol): FORP[1][3][5] is an on demand routing protocol and it is based on pure flooding mechanism. Moreover it maintains prediction based multi-hop handoff mechanism. This attempt is used to reduce the effect of communication failure. Its route request process is same as DSR. Additionally, each node that receives flow_req calculates link expiration time (LET). Due to this, destination could easily know when route is about to expire. If it expires, Destination node generated a Handoff message and propagated it by flooding. When source node receives this message, it can easily identify the optimal path to handoff. Then the source send flow_setup message along the newly chosen route. This protocol generates scalability problem in large networks. iv TORA: TORA [1][5][7] is distributed, dynamic and multihop routing protocol. It is based on the directed link reversal algorithms. This protocol is better than FORP in terms of efficiency, adaptability, scalability for large, dense mobile networks. This protocol is designed to minimize reaction to topological changes at a very low rate. v ABR (Associativity based routing protocol): This protocol [1][3][5][7] is based on source initiated on demand routing. It is also known as distributed long lived routing protocol for adhoc networks. Due to this feature, this protocols results higher attainable throughput. This protocols deals with fault tolerance when base station fails. vi PLBR (Preferred Link Based Protocol): This protocol minimizes control overhead by using subset of preferred list. Selection of this list can be based on degree of node. vii SSA (Signal Stability Based Adaptive Routing Protocol): It is an [3] on demand routing protocol and consider signal stability as a prime factor. In this signal strength is used to rectify a link as stable or unstable. SSA provides more stable routes as compared with shortest path routing protocols such as DSR and AODV. This protocol provides good link stability as compared to other protocols. HYBRID ROUTING PROTOCOL: i ZRP: (Zone Routing Protocol) It is known as hybrid zone routing protocol [5][7]. Such protocols are suitable for large area networks by adjusting the transmission range of nodes. The configuration of routing protocol is based on both proactive and reactive routing protocol. ii CEDAR (Core Extraction Distributed Adhoc Routing Protocol): It supports QoS
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
[1][3][5][7] reliable mechanism and based on extracting core nodes in the network. It employs a
distributed algorithm to select core nodes
Solution
Fig1: Classification of Routing Protocol[1] . Preferred Issue Basic Approach Protocol Used
Example
Watchdog & Pathrater (Colluding Mis Relay Attack) Black hole ,DoS Attacks Secure Routing Protocols
By Adding Monitoring components(for improving throughput) Cryptography
No provision when node collides, Limited Transmission Power, False Positives, Partial Dropping Expensive
DSR,OLSR,AODV
DSDV AODV DSR
SEAD, ARAN, SAR,CORE, PrAODV, SPREAD ARIADNE
Confirmation Deals with reliable AODV from neighbors groups only Guard Node Trust Not provide solution for AODV Calculation route selection Process Threat Model Divide node More Complex DSR into 4 types Table1: Secure Routing Protocols: Solution of Existing Network Layer Attacks listed in fig.1 Existing Secure Routing protocol: To meet the recent and rapidly increasing demand in decentralized environments like mobile ad hoc networks (MANETS)[36] the need for a secure 12 routing protocol becomes inevitable so that the attacks such as malicious routing misdirection, black hole, gray hole, denial of service etc. can be averted[37].
FREQ/FRREP
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
i Secure Link State Protocol: This protocol [38] provides secure proactive topology discovery which is beneficial for network operation. It is known as stand alone and self contained link state discovery protocol. It is responsible for securing the route discovery and distribution of link state information. This protocol is robust against Dos and Byzantine adversaries. But this protocol is still vulnerable to colluding attackers and other attackers. ii SEAD (Secure Efficient Adhoc Distance Vector Routing Protocol): It is[39] based on DSDV routing protocol. This protocol is used to guard against Denial of Service by using one way hash functions. It provides limited CPU processing capability. Long lived routing loops can be reduced by using destination sequence numbers. These destination sequence numbers provide replay protection of routing update messages in SEAD. iii SAODV: It is an enhancement over AODV [1][40] routing protocol that utilizes security feature like integrity and authentication. It uses digital signature to authenticate non mutable field of messages and hash chains to secure hop count information. IPSec provides secure network transmission in MANET for data messages. And digital signature is used when a RREQ is sent between source node to destination node. Primarily, sender node signs the message and intermediate node verifies the signature before generating of reverse route to the host. And destination node signs the RREP to its private key. iv CONFIDANT (Cooperation of nodes fairness in dynamic adhoc network): this algorithm[41] is enhancement of DSR routing and based on selection of selfish and unselfish nodes. Trust and routing calculation process is evaluated by experience, observation and behavior of other nodes, present in the network. It identifies routing misbehavior and maintains the provision of correct forwarding and traffic diversion. v ARAN : ARAN[42] is on demand secure routing protocol an it relies on digital certificates. By using certificate process, it provides authentication, message integrity and non repudiation. Thus it provides end to end guarantee during message delivery between source and destination. ARAN is capable of defending itself against spoofing, fabrication, modification, DoS and disclosure attacks. This protocol does not perform well when it is authenticated by selfish node itself and it also leads to wastage of bandwidth. vi ARIADNE: It is secure on [43] demand routing protocol and it is based on TESLA concept. 13
TESLA is an efficient authentication scheme that requires loose time synchronization. Firstly it verifies route authenticity and secondly it checks that no node is missing on RREQ message. It is vulnerable to an attacker that happens to be along the discovered route. This routing can authenticate any three schemes: (i) Shared secrets between each pair of nodes (ii) Shared secrets between communicating nodes combined with broadcast authentication or digital signatures. Ariadne needs the security association between the initiator every node including intermediate node and the source node. ARIADNE prevents attackers with uncompromised routes and also prevents many types of Denial-of-Service attacks. But it can not defend against active 1-1 attack. vii ENDAIRA: It is an improved version [44] of ARIADNE and provides solution where ARIADNE fails. It is based on provision on public key system concept. But it can not defend against man in middle attack. So further there is introduced another secure on demand routing protocol known as ENDIARA Loc. viii ENDAIRALoc: This protocol [44] provides solution over man in middle attack as well as wormhole attack. It uses location information of node to resist this attack. It uses pair wise secret keys i.e. symmetric key mechanism rather than public key mechanism. As a result, energy consumption reduces effectively. ix PrAODV: It is an enhancement of an AODV [45] routing. It uses prediction based routing to reduce route breakages which improves the performance. It maintains two additional parameter in RREP message of AODV such as velocity and location information. These parameters help to calculate predicted link value by which source node can easily predict lifetime of a node. x CORE: Michiardi and Molva has introduced this approach [46]. Suggested algorithm relies on DSR routing. It follows reputation mechanism for monitoring of the cooperativeness of nodes. This mechanism uses the nodes’ reputation to forward packets through reliable nodes. xi SAR: It is an extension of AODV [47] routing protocol. This protocol considers trust level mechanism to take efficient and secure routing decision. In this a node can find a path through nodes with a particular shared key. It shares symmetric encryption key concept among the nodes. SAR increase overhead due to calculation of encryption and decryption process at each node. It can be implemented using any routing protocol.
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
xii BISS (Building Secure Routing out of an Incomplete Set of Security Associations)[1][48]: In this only the destination has security associations established with all nodes on the selected route. The sender will authenticate route nodes directly through security associations and indirectly the nodes which it does not have security associations. The suggested algorithm reduces length ratio. Authentication process can be done by using message authentication codes and digital signatures. It follows RREQ process, same as Ariadne. xiii TIARA (Techniques for Intrusionresistant, Ad Hoc Routing Algorithms)[49]: This protocol is used to protect against Resource depletion attack, Flow disruption attack, Route hijacking. This algorithm can be used with any other existing routing protocol. xiv SRP (Secure Routing Protocol): It is an on demand[50] routing protocol. It can discover all possible paths between two nodes. The sole assumption of the protocol is that at the beginning, all the nodes share a group key K and can be trusted. This algorithm is suitable for various applications like military and emergency situations. xv SPREAD (Security Protocol for Reliable data delivery): It provides data confidentiality [51] security service in routing protocols. It uses secret sharing scheme between neighboring nodes to strengthen data confidentiality. It overcomes the problem of eavesdropping and colluded attacks. xvi AODV-SEC: It is an improved version[52] of SAODV and extension of AODV routing protocol. It uses PKI as a trust anchor for node identification using X.509 certificates. X.509 version of AODV-SEC does not scale if the traffic load increases. It may be due to the cryptographic mechanisms. Although researchers [53-56][57-59] have designed security extensions for several existing protocols, many of which remove performance optimizations. Table4 illustrates the classification of secure routing protocols and also discuss issues of each protocol till date. Secure Categor Essential Routing y Requirements Protocol ARAN Reactive Online Trusted (2004) Certification RARAN Authority (2005) SAR Reactive Key Distribution or (2004) secret sharing mechanism SRP Reactive Existence of a 14
(2002)
SEAD (2003) CONFIDA NT (2002) ARIADNE (2002) ENDAIRA ENDAIRA Loc SAODV (2002) TIARA (2000) BISS (2003)
Proactiv e Reactive
security association between each source and destination Clock Synchronization Trust calculation
Reactive Reactive Reactive Reactive Reactive Reactive
TESLA Public Key System Symmetric Key Mechanism Online Key Management Scheme Online Public Key Infrastructure Provision of Shared Secret Key Mechanism Mobile gateways
PrAODV Reactive (2004) SPREAD Hybrid Threshold Secret (2004) Sharing AODVReactive X.509 Certificate SEC (2006) SLSP Proactiv TTP (2003) e Table 2: Classification of Secure Routing Protocol against attacks listed in Fig.1 Unfortunately, there is no proper protocol available in the literature which can manage to withstand all these attacks. Designing efficient routing protocols that provide both high security and high network performance is still a focus of recent research in this field. 4. CONCLUSION In this paper, an attempt is made to discuss various routing protocols and attacks that exist in adhoc networks. They were further categorized based on TCP/IP model. The paper presents the solution for further attacks (both passive and active) which were implemented in network layer. Various security metrices were also discussed. REFRENCES: [1]C. Siva Ram Murthy and B. S. Manoj, “Ad Hoc Wireless Networks, Architectures and Protocols,” first Indian reprint 2005,pearson publication. ISBN 81-297-0945-7 [2]Henrik Lundgren“Implementation and experimental evaluation of wireless ad hoc
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
routing protocol,” Acta Universitet upsaliensis-uppsala,2005. [3]C.E.Perkins, “Ad hoc Networking” ,Addison Wesley , 2001. [4]C.K.Toh, “Adhoc Mobile wireless networks: Protocols and Systems”, Prentice Hall ,New Jersy,2002. [5]Dr. Yogesh Chaba and Naresh Kumar Medishetti, “ Routing protocols in Mobile Ad hoc Networks-A Simulation Study Final”, JCS Vol1,No.1, August 2005. [6]Jim Geier, Wireless System Architecture: How Wireless Works.http://www.ciscopress.com/articles/arti cle.asp?p=344242&rl=1 [7]Aftab Ahmad, “Wireless And Mobile Data Networks”, Wiley Interscience, 2005. [8]E.M. Royer and C-K Toh, “A Review of Current Routing Protocols for Ad-hoc mobile wireless networks”, IEEE Personal Communications, April 1999. [9]Paolo Santi “Topology Control in Wireless Ad hoc and Sensor Networks”,John Wiley & Sons.Ltd,2005. [10]D. B. Johnson, “Routing in ad hoc networks of mobile hosts,” in Proc.IEEEWorkshop Mobile Computing Systems and Applications, Dec. 1994, pp. 158–163. [11]C.E. Perkins and P. Bhagwat, “Highly Dynamic Destination-Sequenced DistanceVector Routing (DSDV) for Mobile Computers,” Comp. Commun. Rev., Oct. 1994. [12]C. E. Perkins and P. Bagwig, “Highly dynamic destination-sequenced distance-vector routing (DSDV) for mobile computers,” in Proc. SIGCOMM’94 Conf. Communications Architectures, Protocols and Applications, pp. 234–244. [13]Azzedine Boukerche, Sajal K. Das, Alessandro Fabbri, “ Message traffic control capabilities of the R-DSDV protocol in mobile ad hoc networks”, In MSWIM '01: Proceedings of the 4th ACM international workshop on Modeling, analysis and simulation of wireless and mobile systems (2001), pp. 105-112. [14] Jacquet, P. and Clausen, T. and Laouiti, A. and Qayyum, A. and Viennot, Optimized link state routing protocol for ad hoc networks. IEEE International Multi Topic Conference . L. (2001). [15]A SCALABLE LOCATION SERVICE FOR GEOGRAPHIC AD HOC NETWORKS JUN LIU; WEI GUO; BAI LONG XIAO; FEI HUANG “MECHATRONICS AND AUTOMATION”, 2005 15
IEEE INTERNATIONAL CONFERENCE VOLUME 2, ISSUE , 29 JULY-1 AUG. 2005 PAGE(S): 831 836 VOL. 2 [16] Xiaoyan Hong, Kaixin Xu, and Mario Gerla, “ Scalable Routing Protocols for Mobile Ad Hoc Networks, 0890-8044/95/$05.00 2002 © IEEE Network [18] Liana Khamis Qabajeh, Dr. Miss Laiha Mat Kiah, Mohammad Moustafa Qabajeh, “ A Qualitative Comparison of Position-Based Routing Protocols for Ad-Hoc Networks”, IJCSNS International Journal of Computer Science and Network Security, VOL.9 No.2, February 2009 [19] C. Perkins, “Ad-hoc on-demand distance vector routing,” in MILCOM ’97 panel on Ad Hoc Networks., Nov. 1997. [20] Guevara Noubir, “On Connectivity in Ad hoc Networks under jamming using directional antennas and mobility”.http://www.ccs.neu.edu/home/noubi r/publications/N04.pdf [21] Anand Patwardhan,Jim Parker,Anupam Joshi, “Secure routing and Intrusion detection in Adhoc Networks”. http://www.csrc.nist.gov/groups/SNS/mobile_ security/documents/mobile_agents/nist-umbcadhocids-ipv6.pdf. [22] Raja Mahmood, R.A. Khan, A.I. , “ A survey on detecting black hole attack in AODVbased mobile ad hoc networks “,978-1-42441828-2@IEEE2007 [23] Stefano Marano, Vincenzo Matta, Lang Tong, “Distributed detection in the presence of Byzantine attacks”, ISSN:1053-587X ,IEEE Transactions,2009 [24] Bing Wu, Jianmin Chen, Jie Wu and Mihaela Cardei, “A Survey of Attacks and Countermeasures in Mobile Ad Hoc Networks”, Signals and Communication Technology, Wireless Network Security, 10.1007/978-0-387-33112-6_5, 2007 Springer [25] Bo Sun, Kui Wu, Udo W. Pooch. Alert aggregation in mobile ad hoc networks. Proc. ACM workshop on Wireless security, 2003. [26] M. Drozda, H. Szczerbicka. Artificial Immune Systems: Survey and Applications in Ad Hoc Wireless Networks. Proc. 2006 International Symposium on Performance Evaluation of Computer and Telecommunication Systems (SPECTS'06), pp. 485-492, Calgary, Canada, 2006. [27] J.-F. Raymond, “Traffic Analysis: Protocols, Attacks, Design Issues and Open Problems,” Proc. Workshop on Design Issues in
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
Anonymity and Unobservability, Berkeley, CA, July 2000, pp. 7-26. [28]Rashid Hafeez Khokhar, Md. Asri Ngadi and Satria Mandala, “A Review of Current Routing Attacks in Mobile Adhoc Networks”, International Journal of Computer Science and Security,Volume(2)issue(3). [29] Haining Wang,Danlu Zhang,Kang G.Shin “Detecting SYN Flooding Attack”, http://www.cs.wm.edu/~hnw/paper/attack.pdf [30] Udaya Kiran Tupakula Vijay Varadharajan,“A Practical Method to Counteract Denial of Service Attacks”,Information and Networked System Security Research, 2003, Australian Computer Society, Inc. [31] Computer Emergency Response Team. “CERT Advisory CA-2000-01 Denial- Of-Service Developments”.http://www.cert.org/advisorie s/CA-2000-01.html, Jan.2000. [32] Computer Emergency Response Team. “CERT Advisory CA-1999-17Denial-of-Service Tools”. http://www.cert.org/advisories/CA1999-17.html.[33] D.Dittrich: “The stacheldraht” distributed denial of service attacktool”. http://staff.washington.edu/dittrich/misc/stach eldraht.analysis.txt, Dec.1999. [34] D.Dittrich: “The Tribe Flood Network distributed denial of service attack tool”.http://staff.washington.edu/dittrich/misc/ tfn.analysis,Oct.1999. [35] Umang Singh, M.N.Hoda, “Mitigating attacks in Routing Protocol”, Proceedings of the national conference Computing for Nation Development, INDIACom-2007,Feb 2324,2007. [36] Vincent D. Park and M.Scott Corson, “ Temporally –Ordered Routing Algorithm(TORA) version1:Functionalspecification.Internet-Draft,draft-ietf-manettora-spec-00.txt,Novenber 1997.Work in Progress [37] David Lundberg Ad hoc Protocol Evaluation and Experiences of Real World Ad Hoc Networking, Department of Information Technology, Uppsala University, Sweden [38] Panagiotis Papadimitratos, Zygmunt J. Haas “ Secure Link State Routing for Mobile Ad Hoc Networks”, Applications and the Internet Workshops, 2003. Proceedings. 2003 Symposium on 27-31 Jan. 2003 Page(s):379 383,ISBN: 0-7695-1873-3 [39] Yih-Chun Hu ,David B. Johnson , Adrian Perrig “SEAD: secure efficient distance vector routing for mobile wireless ad hoc 16
[40]
[41]
[42]
[43]
[44]
[45]
[46]
[47]
[48]
[49]
networks”, 1570-8705/$ 2003 Published by Elsevier B.V. doi:10.1016/S15708705(03)00019-2 Manel Guerrero Zapata:"Secure Ad hoc OnDemand Distance Vector (SAODV) Routing" INTERNET-DRAFT draft-guerrero-manetsaodv-06.txt. September 2006. Sonja Buchegger, JeanYves Le Boudec, “Performance Analysis of the CONFIDANT Protocol (Cooperation Of Nodes: Fairness In Dynamic Adhoc NeTworks)”, MOBIHOC’02, June 911, 2002, EPFL Lausanne, Switzerland. Copyright 2002 ACM 1581135017/ 02/0006 . $5.00. Abdalla Mahmoud Ahmed Sameh Sherif ElKassas, “ Reputed Authenticated Routing for Ad Hoc Networks Protocol (ReputedARAN)” 0-7803-9466-6/05/$20.00 ©2005 IEEE Hu, Yih-Chun, Adrian Perrig, and Dave Johnson. "Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks." In Proceedings of the Eighth Annual International Conference on Mobile Computing and Networking (ACM Mobicom), Atlanta, Georgia, September 23 28, 2002 Jing Liu, Fei Fu, Junmo Xiao and Yang Lu, “ Secure Routing for Mobile Ad Hoc Networks”, 0-7695-2909-7/07 $25.00 © 2007 IEEE DOI 10.1109/SNPD.2007.223 Vinod Namboodiri, Manish Agarwal, Lixin Gao, “A Study on the Feasibility of Mobile Gateways for Vehicular Ad-hoc Networks”, VANET’04, October 1, 2004, Philadelphia, Pennsylvania, USA. Copyright 2004 ACM 158113-922-5/04/0010 K. Mandalas, D. Flitzanis, G. F. Marias, P. Georgiadis, “ A Survey of Several Cooperation Enforcement Schemes for MANETs” 0-7803-9314-7/05/$20.00©2005 IEEE Mohammed Zeshan, Shoab A. Khan, Ahmad Raza Cheema, Attique Ahmed, “Adding Security against Packet Dropping Attack in Mobile Adhoc Networks”, ISBN 978-0-76953480-0 @2008 IEEE Srdjan Capkun, Jean- Pierre Hubaux, “BISS: building secure routing out of an incomplete set of security associations”, ISBN:1-58113-769-9 @ 2003 IEEE. Ranga Ramanujan, Atiq Ahamad, Jordan Bonney, Ryan Hagelstrom, Ken Thurber “ Techniques For Intrusion-Resistant Ad Hoc
International Journal of Reviews in Computing
30th September 2011. Vol. 7 © 2009 - 2011 IJRIC & LLS. All rights reserved.
IJRIC
E-ISSN: 2076-3336
ISSN: 2076-3328
www.ijric.org
Routing Algorithms”, 0-7803-65 12-6/$10.00 (C) 2000 IEEE. [50] Yih-Chun Hu, Adrian Perrig, “A Survey of Secure Wireless Ad Hoc Routing” ,May-June 2004@IEEE [51] Wenjing Lou , Wei Liu, Yuguang Fang, “ SPREAD: Enhancing Data Confidentiality in Mobile Ad Hoc Networks”, 0-7803-83567/04/$20.00 (C) 2004 IEEE Security and Privacy, doi:10.1109/MSP.2004.1 [52] Stephan Eichler and Christian Roman, “ Challenges of Secure Routing in MANETs : A Simulative Approach using AODV-SEC”, 1-4244-0507-6/06/$20.00 ©2006 IEEE [53] C. Perkins and P. Bhagwat, “Highly dynamic destination-sequenced distance-vector routing (DSDV) for mobile computers,” in ACM SIGCOMM’94 Conference on Communications Architectures, Protocols and Applications,1994, pp. 234–244. [54] D. B. Johnson and D. A. Maltz, “Dynamic source routing in ad hoc wireless networks,” in Mobile Computing, Imielinski and Korth, Eds. Kluwer Academic Publishers, 1996, vol. 353. [55] Josh Broch,David A. Maltz, David B.Johnson,Yih-Chun Hu,Jorjeta Jetcheva,”A Performance Comparision of Multi-Hop Wireless Ad Hoc Network Routing Protocols,MOBICOM 98 Dallas Texas USA. [56]Vincent D. Park and M.Scott Corson,”Ahighly adaptive distributed routing algorithm for mobile wireless networks.In Proceedings of INFOCOM’97,Airline House,Virginia. Available at http://www.cise.nsf.gov/anir/ww.html [57] Xiaoyan Hong, Mario Gerla, Guangyu Pei, Ching-Chuan Chiang A Group Mobility Model For Ad Hoc Wireless Networks, University Of California. [58]Gianni A. Di Caro “Analysis of simulation environments for mobile ad hoc networks”Technical Report No. IDSIA-24-03 December 2003,IDSIA / USI-SUPSI Dalle Molle Institute for Artificial Intelligence Galleria 2, 6928 Manno, Switzerland. [59] Michael Feeley, Norman Hutchinson, and Suprio Ray Computer Science Department, University of British Columbia, Vancouver, Canada “Realistic Mobility for Mobile Ad Hoc Network Simulation”.
AUTHOR PROFILE: Ms. Umang Singh has received the post graduate degree in computer applications from U.P Technical University, Lucknow (U.P) India in 2003. She is a research student of IPU, Delhi. Currently, she is an Asstt Professor at ITS Management and IT Institute, Ghaziabad, UP. She has received award from CSI delhi chapter in 2008. She has published more than 25 research papers in esteemed national/international conferences and journals. Her interests are in Data management, Information Security, Mobile communications, Vehicular networks, Sensor networks and Adhoc networks.
17
