International Journal of ComputerComputerand Technology (IJCET), ISSN 0976 6367(Print), International Journal of Engineering Engineering ISSN 0976 6375(Online)

e) Volume 1, Number 2, Sep - Oct (2010), IAEME

and Technology (IJCET), ISSN 0976 6367(Print)

ISSN 0976 6375(Online) Volume 1 Number 2, Sep - Oct (2010), pp. 106- 117

IJCET

IAEME, http://www.iaeme.com/ijcet.html

IAEME

A SURVEY OF MITIGATING ROUTING MISBEHAVIOR IN MOBILE AD HOC NETWORKS

Mrs. S. A. Nagtilak Department of Computer Engineering S.C.O.E, Pune, E-Mail: saranagtilak@yahoo.co.in Prof. U.A. Mande Asst. Professors, Departments of Computer Engineering S.C.O.E, Pune, E-Mail: uamande.scoe@sinhgad.edu

ABSTRACT
The operation of MANETs does not depend on preexisting infrastructure or base stations. Network nodes in MANETs are free to move randomly. Therefore, the network topology of a MANET may change rapidly and unpredictably. This paper presents the existing methods to detect misbehavior in MANETs. Routing protocols used in such type of networks generally based on the assumption that, all participating nodes will be fully cooperative. But, due to the open structure node misbehavior may exist and packet loss occurs. Among them one type of misbehavior is that some nodes will take part in routing establishment processes but they do not respond to forward data packets and simply dismiss the packets. This paper surveys the methods can be used for the misbehavior detection of MANET.

Keywords 2ACK, SACK, S-TWOACK, beans, nuggets I. INTRODUCTION

MANET mobile ad hoc network as the name suggests consists of a bunch of entities called as nodes or hosts which communicate with each other exchanging information with the help of intermediate devices called as routers. The links between these so called nodes is generally invisible or called as wireless links. The structure of such networks is not predefined or it does not depend on any base stations lonely but a lot of other entities are also involved in the entire communication process. The topology of

106

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6367(Print), ISSN 0976 6375(Online) Volume 1, Number 2, Sep - Oct (2010), IAEME

such networks keeps on changing mainly due to a factor called as mobility. Network clients in MANETs may move randomly. Therefore, the network topology of a MANET can be change unpredictably and speedily. All network activities, for instance forwarding data packets, and detecting the topologies which concern with nodes themselves for execution either collectively or individually. Due to this changing topology packet loss is a common phenomenon. Any wireless network consists of a lot of nodes that interact with each other exchanging information continuously. As these nodes have the flexibility of moving from one place to other, there may be cases wherein a particular node which is a receiver for a particular packet, moves away from the range of sender. However the sender is not aware of this scenario and it might still keep on sending packets thus leading to packet and data loss. The other case is a bit more interesting, whenever communication takes place between any two nodes there are a lot of nodes involved in this communication process acting as mediators. All these nodes agree to forward packets during the actual communication process but one of them actually turns selfish during the data transfer, this selfish node keeps on dropping packets as when received instead of forwarding it to the next hop in the communication process. These selfish behavior results in packet loss and also the source is unaware of such misbehaving node in the path towards the destination. And there is no such mechanism to detect this misbehaving node. The structure of a MANET totally depends on application and it can vary from network to network. For e.g. from a small static network which is highly power constrained to a large hugely dynamic network. Lots of techniques have been discovered to avoid the misbehavior or selfishness among nodes. There has been a lot of improvements in the field of computer and wireless technologies therefore there has been a lot of development expected in mobile wireless computing typical applications of which can be used in military scenes, rescue operations or where it is almost difficult to rely on wired network. MANET's are self organizable and configurable hence also known as multi hop wireless ad hoc networks, where the topology of the network keeps on changing continuously.

107

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6367(Print), ISSN 0976 6375(Online) Volume 1, Number 2, Sep - Oct (2010), IAEME

A. PACKET LOSS DUE TO ROUTING MISBEHAVIORS

During data transfer in ad hoc networks, all the nodes in the network usually take part in the communication process in order to increase or maximize the throughput. Therefore the more the number of nodes greater is the bandwidth and smaller is the network partition with smaller paths. However it might also happen that a node has agreed to fully cooperate in the communication process but later refuses to do so resulting in loss of packets because of its selfishness [14]. A selfish node which acts as selfish by dropping packets does so because it is unwilling to spend its battery life and CPU cycles and save its bandwidth. Such a misbehaving node launches a denial of service attack by simply dropping packets.

Figure 1 Scenario for packet dropping and misrouting In some cases it might happen that the node which is dropping packets might have fault in the software running at its end. So the need is to focus on how this misbehaving node in order to decrease the packet loss can be detected [2]. There are a lot of schemes available in order to detect the routing misbehavior in MANETs which are as follows:

i) The watchdog technique:

In this scheme misbehaving nodes are detected by overhearing the wireless medium. The path rater technique, which is based on the watchdogs output, allows nodes to avoid the use of the misbehaving nodes in any future route selections. However, the drawback with watchdog technique is that it depends heavily on overhearing principal; therefore there is chance that it might fail to identify misbehavior in routing or raise false alarms in cases where ambiguous collisions, receiver collisions are present, it might also fail sometimes in cases for limited transmission power. 108

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6367(Print), ISSN 0976 6375(Online) Volume 1, Number 2, Sep - Oct (2010), IAEME

ii) ACK and SACK schemes:

They are used to measure the usefulness of the current route and to take appropriate action. For example, congestion control is based on the reception of the ACK and the SACK packets.[1]

iii) TWOACK Scheme:

The 2ACK and the TWOACK schemes have the following major differences: 1) the node which acts as receiver in the 2ACK scheme usually sends 2ACK packets for a small amount of data packet which it has received, whereas, in the TWOACK scheme, TWOACK packets are acknowledged for every data packet received at the receivers end. But, however it was observed that sending acknowledgement for a fraction of data packets received, improves the performance of 2ACK scheme when it comes to routing overhead.

iv) (S-TWOACK) scheme or Selective TWOACK:

In this scheme every TWOACK packet will acknowledge or reply the receipt for number of data packets, whereas in the 2ACK scheme, a 2ACK packet only acknowledges one data packet. Because of such a small change, the 2ACK scheme gains easy control on the trade-off that appears between the network performance and the cost as compared to the S-TWOACK scheme.

II. EXISTING METHODOLOGIES

Routing protocols for MANETs are designed based on the assumption that all participating nodes are fully cooperative. Misbehaving nodes can be a significant problem. The presence of selfish or malicious nodes degrades the efficiency of packet relaying. It increases the packet delivery latency and the packet loss rate. Selfish nodes lead to network partitioning. Various techniques have been proposed to prevent selfishness in MANETs. These schemes can be broadly classified into two categories: credit-based schemes and reputation-based schemes.

A. Credit-Based Schemes
The basic idea of credit-based schemes presented [6] is to provide incentives for nodes to faithfully perform networking functions. In order to achieve this goal, virtual (electronic) currency or similar payment system may be set up. Nodes get paid for

109

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6367(Print), ISSN 0976 6375(Online) Volume 1, Number 2, Sep - Oct (2010), IAEME

providing services to other nodes. When they request other nodes to help them for packet forwarding, they use the same payment system to pay for such services. The concept of nuggets (also called beans) is used for payments for packet forwarding. There are two models which use nuggets are: the Packet Purse Model shown Figure 2 and the Packet Trade Model shown in Figure 3. In the Packet Purse Model, nuggets are loaded into the packet before it is sent. The sender puts a certain number of nuggets on the data packet to be sent. Each intermediate node earns nuggets in return for forwarding the packet. If the packet exhausts its nuggets before reaching its destination, then it is dropped. In the Packet Trade Model, each intermediate node buys the packet from the previous node for some nuggets and sells it to the next node for more nuggets. Thus, each intermediate node earns some nuggets for providing the forwarding service and the overall cost of sending the packet is borne by the destination. In another implementation, each node maintains a counter termed the neglect counter. The counter is decreased when the node sends packets of its own, but increased when it forwards packets for the other nodes. The counter should be positive before a node is allowed to send its packet. Therefore, the nodes are encouraged to continue to help other nodes. Tamper resistant hardware modules are used to keep nodes from increasing the neglect counter illegally.

Figure 2 Packet purse model.

110

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6367(Print), ISSN 0976 6375(Online) Volume 1, Number 2, Sep - Oct (2010), IAEME

Figure 3 Packet trade model. Another credit-based scheme, termed Sprite, has nodes that keep receipts of the received/forwarded messages. When the users have a fast connection to a Credit Clearance Service (CCS), they report all of these receipts. The CCS then decides the charge and credit for the reporting nodes. In the network architecture of Sprite, the CCS is assumed to be reachable through the use of the Internet, limiting the utility of Sprite. The main problem with credit-based schemes is that they usually require some kind of tamper-resistant hardware and/or extra protection for the virtual currency or the payment system.

B. Reputation-Based Schemes
The second category of techniques to combat node misbehavior in MANETs is reputation-based presented by [2]. In such schemes, network nodes collectively detect and declare the misbehavior of a suspicious node. Such a declaration is then propagated throughout the network so that the misbehaving node will be cut off from the rest of the network. The two modules under this category are watchdog and path rater shown in Fig 4. Nodes operate in a promiscuous mode wherein the watchdog module overhears the medium to check whether the next-hop node faithfully forwards the packet. At the same time, it maintains a buffer of recently sent packets. A data packet is cleared from the buffer when the watchdog overhears the same packet being forwarded by the next-hop node over the medium. If a data packet remains in the buffer for too long, the watchdog module accuses the next hop neighbor of misbehaving. Thus, the watchdog enables misbehavior detection at the forwarding level as well as the link level. Based on the watchdogs accusations, the path rater module rates every path in its cache and

111

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6367(Print), ISSN 0976 6375(Online) Volume 1, Number 2, Sep - Oct (2010), IAEME

subsequently chooses the path that best avoids misbehaving nodes. Due to its reliance on overhearing, however, the watchdog technique may fail to detect misbehavior or raise false alarms in the presence of ambiguous collisions, receiver collisions, and limited transmission power. The CONFIDANT protocol [7] is another example of reputation-based schemes. The protocol is based on selective altruism and utilitarianism, thus making misbehavior unattractive. CONFIDANT consists of four important componentsthe Monitor, the Reputation System, the Path Manager, and the Trust Manager. They perform the vital functions of neighborhood watching, node rating, path rating, and sending and receiving alarm messages, respectively. Each node continuously monitors the behavior of its

first-hop neighbors. If a suspicious event is detected, details of the event are passed to the Reputation System. Depending on how significant and how frequent the event is, the Reputation

Figure 4 Watchdog & Path rater. System modifies the rating of the suspected node. Once the rating of a node becomes intolerable, control is passed to the Path Manager, which accordingly controls the route cache. Warning messages are propagated to other nodes in the form of an Alarm message sent out by the Trust Manager. The Monitor component in the CONFIDANT scheme shown in Figure 5 observes the next hop neighbors behavior using the overhearing technique. This causes the scheme to suffer from the same problems as the watchdog scheme.

112

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6367(Print), ISSN 0976 6375(Online) Volume 1, Number 2, Sep - Oct (2010), IAEME

C. End-to-End Acknowledgment Schemes

There are several schemes that use end-to-end acknowledgments (ACKs) to detect routing misbehavior or malicious nodes in wireless networks. In the TCP protocol, end-to-end acknowledgment is employed. Such acknowledgments are sent by the end receiver to notify the sender about the reception of data packets up to some locations of the continuous data stream. The Selective Acknowledgment (SACK) technique [3] is used to acknowledge out-of-order data blocks.

Figure 5 CONFIDANT Scheme. The 2ACK technique differs from the ACK and the SACK schemes in the TCP protocol in the following manner: The 2ACK scheme tries to detect those misbehaving nodes which have agreed to forward data packets for the source node but refuse to do so when data packets arrive. TCP, on the other hand, uses ACK and ACK to measure the usefulness of the current route and to take appropriate action. In order to identify malicious routers that draw traffic toward them but fail to correctly forward the traffic, the secure trace route protocol is proposed. The normal trace route protocol allows the sender to simply send packets with increasing Time-To- Live (TTL) values and wait for a warning message from the router at which time the packets TTL value expires. The secure trace route protocol authenticates the trace route packets and disguises them as regular data packets. In secure trace route scheme, binary search is initiated on faulty routes. Asymptotically, log (n) probes are needed to identify a faulty link on a faulty n-hop route. This technique only works with static misbehaviors and needs to disguise the probing messages as regular routing control packets. Once a link is identified as faulty, the link weight is increased so that future link selections will avoid this link.

113

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6367(Print), ISSN 0976 6375(Online) Volume 1, Number 2, Sep - Oct (2010), IAEME

The Best-effort Fault-Tolerant Routing (BFTR) scheme [16] also employs end-toend ACKs. The BFTR scheme continuously monitors the quality (i.e., packet delivery ratio) of the path in use. This is compared with the predefined expected behavior of good routes. If the behavior of the route in use deviates from the behavior of good routes, it is marked as infeasible and a new route is used. Since BFTR throws out the entire route before detecting the misbehaving nodes, the newly chosen route may still include the same misbehaving nodes. Even though the new route will be detected as infeasible by the source after a period of observation time, data packet loss will occur in traffic flows when using protocols such as UDP. Such a repeated detection process is inefficient. In contrast with BFTR, it is try to identify such misbehaving links in this work. Therefore, more accurate information on routing misbehavior can be obtained in the 2ACK scheme.

III. COMPARISON WITH THE EXISTING SCHEMES

Compared with the above schemes, the 2ACK scheme doesnt depend on end-to end acknowledgment. Instead, the 2ACK scheme tries to detect misdemeaning links as the links are being used. Such a proactive detection approach results in quicker detection and identification of misdemeaning links. In such a combined scheme, the Multi-Hop transmission and the monitoring processes are turned on only when routing carry outface degrades. It will further reduce the routing overhead of the 2ACK scheme. A scheme to choose routes based on the reliability index of each outgoing neighbor has each node maintaining a table of reliability indices of its neighbors. This type of reliability index indicates the previous success or failure experience of packet transmissions through neighboring nodes. For example, a successful point-to-point transmission will give output in an increase of the reliability index of the neighbor associated with the route. When selecting path for data transmissions, nodes prefer those rooted at the neighbors with higher reliability indices. Since a sender searches all possible path from its immediate neighbors, the overall reliability of the selecting path depends on how the neighbors select the rest of the route. As compared to the watchdog, the 2ACK scheme has the following advantages: Ambiguous Collisions: Ambiguous or doubtful collisions may occur at node N1. When a well behaved node N2 forwards the data packet toward N3, it is possible that N1

114

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6367(Print), ISSN 0976 6375(Online) Volume 1, Number 2, Sep - Oct (2010), IAEME

cannot overhear the transmission due to another concurrent transmission in N1's neighborhood. The 2ACK technique solves this problem by requiring N3 to send a MultiHop packet explicitly. Receiver Collisions: Receiver or acceptor collisions take place in case of overhearing techniques when N1 overhears the data packet being forwarded by N2, but N3 fails to get the packet due to collisions in its neighborhood. The data packets will not be retransmitted by a misbehaving N2 because retransmission requires extra energy. Again, due to the explicit Multi-Hop packets our 2ACK scheme overcomes this problem. Limited Transmission Power: A misbehaving N2 may engineer its transmission power in such a way that N1 can overhear its transmission but not N3 such that, this problem matches with the Receiver Collisions problem. It goes to a level of threat only when the distance between N1 and N2 is less than the distance between N2 and N3. The 2ACK scheme does not suffer from limited transmission power problem. Limited Overhearing Range: In order to transmit data to N3 a well-behaved N2 could apply low level of power transmission. Due to N1's limited overhearing range, it will not overhear the transmission successfully and will thus infer that N2 is misbehaving, causing a false alarm. Both this problem occur due to the potential asymmetry between the communication links. The 2ACK scheme is not affected by limited overhearing range problem. The 2ACK scheme of detecting routing misbehavior is different from the TWOACK and SACK schemes present in the TCP protocol in the following manner: The 2ACK technique identifies misbehaving nodes which had agreed to forward data packets originating from the source node but later refuse to do so during actual data transfer. On the other side, the TCP protocol uses SACK and ACK to find the benefit of the current route and to take the required action. 2ACK scheme does not depend on endto-end acknowledgment. Such a 2ACK scheme may not exist in some traffic flows for instance UDP protocol. Such a proactive approach of detection results in faster detection of misbehaving links.

115

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6367(Print), ISSN 0976 6375(Online) Volume 1, Number 2, Sep - Oct (2010), IAEME

IV. CONCLUSION
The 2ACK scheme which helps detect misbehavior by a two hop acknowledgement. The 2ACK scheme is a network-layer technique to detect misbehaving links and to mitigate their effects. The 2ACK scheme detects misbehavior through the use of a new type of acknowledgment packet, termed 2ACK. A 2ACK packet is assigned a fixed route of two hops (three nodes N1, N2, N3), in the opposite direction of the data traffic route. This technique identifies misbehaving nodes which had agreed to forward data packets originating from the source node but later refuse to do so during actual data transfer and it helps to reduce the routing overhead.

V. FUTURE WORK
The 2ACK scheme can be implemented which helps detect misbehavior by a two hop acknowledgment. The 2ACK scheme for detecting routing misbehavior is considered to be network-layer technique for mitigating the routing effects. The 2ACK scheme identifies misbehavior in routing by using a new acknowledgment packet, called 2ACK packet. The 2ACK technique is based on a simple 2-hop acknowledgment packet that is sent back by the receiver of the next-hop link. The 2ACK scheme can be used as an addon technique to routing protocols such as OLSR in MANETs.

REFERENCES
[1] Aad I., Hubaux J.-P., and Knightly E-W., Denial of Service Resilience in Ad Hoc Networks, Proc. MobiCom, pp. 202-215, 2004. [2] Baker M, Giuli T., Lai K. and Marti S., Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Proc. MobiCom, pp. 255-265, Aug. 2000. [3] Balakrishnan K., Deng J., and Varshney P. K., TWOACK: Preventing Selfishness in Mobile Ad Hoc Networks, Proc. IEEE Wireless Comm. and Networking Conf. (WCNC 05), pp.2137-2142 Mar. 2005. [4] Buttyan L. and Hubaux J. -P., Security and Cooperation in Wireless Networks, http://secowinet.epfl.ch/, 2006. [5] Buttyan L.and Hubaux J.-P., Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks, ACM/Kluwer Mobile Networks and Applications, vol. 8, no. 5, pp. 579-592, 2003.

116

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6367(Print), ISSN 0976 6375(Online) Volume 1, Number 2, Sep - Oct (2010), IAEME

[6] Buttyan L. and Hubaux J.-P., Enforcing Service Availability in Mobile Ad-Hoc WANs, Proc. MobiHoc, pp, 255-265, Aug. 2000. [7] Buchegger S. and Le Boudec J.-Y., Performance Analysis of the CONFIDANT Protocol: Cooperation of Nodes, Fairness in Dynamic Ad-Hoc Networks, Proc. MobiHoc, pp. 226-236, June 2002. [8] Buttyan L., Hubaux J.-P.,and Jakobsson M., A Micropayment Scheme Encouraging Collaboration in Multi-Hop Cellular Networks, Proc. Financial Cryptography Conf., pp. 609-612, Jan. 2003. [9] Chiasserini C.F., Nuggehalli P., Srinivasan V., and Rao R.R., Cooperation in Wireless Ad Hoc Networks, Proc. INFOCOM, vol.2, pp. 808-817 Mar.-Apr. 2003. [10] Dipak Ghosal, Rose P. Tsang, and Stephen Mueller. Multipath Routing in

Mobile Ad Hoc Networks: Issues and Challenges in Performance tools and applications to networked systems revised tutorial lectures 2004, Volume 2965, Pages 209-234, Year of Publication :2004, ISBN 3-540-21945-5 [11] Floyd S., Mathis M., Mahdavi J., and Romanow A., RFC 2018 TCP Selective

Acknowledgement Options, technical report, PSC, LBNL, Sun Microsystems, Oct. 1996. [12] Jing Deng, Kejun Liu, Pramod K. Varshney, Fellow and Kashyap Balakrishnan. An Acknowledgment-Based Approach for the Detection of Routing Misbehavior in MANETs IEEE Transactions on Mobile Computing, Volume 6 , Issue 5 (May 2007) Pages 536-550, Year of Publication: 2007, ISSN: 1536-1233 [13] Miranda H. and Rodrigues L., Preventing Selfishness in Open Mobile Ad Hoc Networks, Proc. Seventh CaberNet Radicals Workshop, Oct. 2002. [14] Nahrstedt K. and Xue Y., Providing Fault-Tolerant Ad-Hoc Routing Service in Adversarial 388, 2004. [15] Sundararajan T.V.P., Dr.Shanmugam A. Performance Analysis of Selfish Node Aware Routing Protocol for Mobile Ad Hoc Networks, ICGST-CNIR Journal, Volume 9, Issue 1, July 2009 Environments, Wireless Personal Comm., vol. 29, nos. 3-4, pp. 367-

117