International Journal of Computer Networks and Communications Security

VOL.1, NO.6, NOVEMBER 2013, 210215 Available online at: www.ijcncs.org ISSN 2308-9830

Mitigating the effect of malicious node in Mobile Ad Hoc Networks using Trust based Explicit No Technique
Dr. M.Hassan Islam1, Misbah Zareen2
1, 2

Center of Advance Studies in Engineering, Department of Computer Engineering, U.E.T Taxila Pakistan E-mail: 1mhasanislam@gmail.com, 2engr.misbah.zareen@gmail.com

ABSTRACT Mobile Ad Hoc Networks (MANETS) are vulnerable to malicious node attacks because they spoil the integrity of network by consuming network resources, dropping packets and false routing. Routing misbehavior can be avoided by following trusted path for data transmission. Existing Trust based mechanisms for secure routing increase overhead and complexity w.r.t processing and architecture. We compare multiple trust based secure routing techniques. The primary focus of this paper is to present an adon technique named Explicit No with reduced complexity, for evaluating trust worthiness of a neighboring node. This scheme helps in mitigating the effect of malicious nodes by correct identification. Results are presented through simulation in NS2. Keywords: MANETS, Trust, Malicious nodes, AODV, Network Simulator (NS2), Security. 1 INTRODUCTION 2.1.1 Architecture CONFIDANT consists of four major components: Monitor: Observes behavior of neighboring nodes by observing transmission and identifies misbehavior. Reputation Manager: This component maintains a table that has rating for nodes which is updated as per nodes own experience and reported experience. Path Manager: It deals with path re-ranking, path deletion, action on malicious node request and action on request for a route containing malicious node. Trust Manager: It deals with trust table management, trust level calculations, alarms generated by nodes on observation of a malicious activity. 2.1.2 Description When a malicious activity is observed by any node, this suspicious event is detected by monitor and Reputation System is called in turn. Reputation System checks the significance of the event and number of occurrences of events and update rating

In MANETS, the core concept is information sharing, dissemination and collaboration among routing devices [7]. Node cooperation is mandatory for proper functioning of MANETS and this can be compromised by black sheep. To mitigate the effect of malicious misbehavior of nodes, we introduce a trust based secure routing scheme that helps in evaluation of node trustworthiness using a special packet called Explicit No. We have studied the existing ad on techniques and have compared their performance with our proposed algorithm. Results show that Explicit No technique is convergent, less complex with simple design and more reliable for calculating the trust value of neighboring nodes. 2 2.1 TRUST MANAGEMENT SCHEMES Confident

It is a reputation based dynamic and weighted transitive trust management system based on DSR protocol. Trust in this mechanism is established through direct and indirect observations [2].

211
Dr. M. Islam and M.Zareen / International Journal of Computer Networks and Communications Security, 1 (6), November 2013

of nodes accordingly. In case of intolerable rating, Path Manager is called for deletion of all routes entries containing this malicious node and an Alarm is send to Monitor. Monitor passes this alarm to Trust manager and it evaluates trust of the node due to which the alarm has been generated. If the source of the alarm is trusted one, the alarm table is updated. In case, the source of alarm is malicious, the Reputation System is called which again evaluate the alarm [8]. 2.1.3 Performance Analysis Throughput increases because of decrease in number of drop packets. Overhead due to Alarms increases if the numberof malicious node increases. Malicious behavior is an exception and false praise attack is not possible because of sharing negative information. A malicious node when see negative information about itself can change its strategy and node of good reputation may stop sharing negative information because of the fear of revenge. Malicious node that is excluded from the network may reenter the network after timeout. CONFIDANT treats faulty and malicious node in same way. This scheme not only detects the misbehaving nodes but also refrain malicious nodes from getting benefits from other cooperating nodes. 2.2 Watchdog Pathrater

node, WD monitors this forwarding. If neighbor node does not forward the packet to next node or fails to do so, it is detected as a mischievous node and gets reported to Pathrater. WD maintains a buffer for storing recently sent packets [1]. The buffer packet is then matched with the overheard packet. If the packet is matched then no failure is detected and the buffered packet is removed. However, if a mismatch is detected or the packet is not overheard within timeout then failure is incremented for the node and when the failure exceeds the threshold then the node is marked as misbehaving. The source of the packet is informed about this misbehaving node 2.2.3 Performance Analysis More than one node in collusion can circumvent the WD. For example, a node B forwards a packet to node C but node B does not informs A if C drops the packet. WD does not know regarding the collision occurs at the receiver of the packet. This collision can either be by chance or due to malicious act of the node. Malicious node can drop fewer packets that can be lower than the threshold of the WD 2.3 Core

CORE is a dynamic reputation based distributed scheme based on DSR protocol [5] and enforces node cooperation based on Collaborative monitoring technique [3]. 2.3.1 Architecture CORE has three major components: Network Entity: The Network entity corresponds to a mobile node. Entity that request the execution of a particular function is called a Requester and entity that executes that particular requested function is called a Provider. Reputation Table: The Reputation Table has entries for nodes that correspond to Subjective Reputation, Unique Identifier for the network entity, Collection of Indirect Reputation and Reputation value evaluated for each function. Watchdog Mechanism: The WD mechanism detects the misbehaving network entities, examines the correct execution of the requested function and updates the reputation value accordingly. 2.3.2 Description In CORE nodes operate in promiscuous mode and are required to contribute in network activities

Watchdog Pathrater is a dynamic trust management scheme which is an extension of DSR protocol. 2.2.1 Architecture Watchdog Pathrater consists of two components:Watchdog: In promiscuous mode, it listens and monitors that the next node forward packets. Pathrater: Pathrater is used to delete the misbehaving nodes, to create new paths, avoid usage of misbehaving nodes and select a reliable path for data delivery. 2.2.2 Description WD runs on every node in the network and all nodes in the network are in promiscuous mode i.e. they can hear the transmission from other nodes. When a node forwards a packet to neighboring

212
Dr. M. Islam and M.Zareen / International Journal of Computer Networks and Communications Security, 1 (6), November 2013

in order to remain trusted and to maintain their reputation. If the node does not participate in network activates or remain idle for a specific time then its reputation degrades. If a provider does not cooperate in network activities then it leads to exclusion. Requestor requires the provider for execution of a particular function activates WD for the corresponding function and waits for outcome from WD. Reputation value for provider is updated accordingly as per outcome of WD scenarios when no misbehavior is detected, misbehavior is detected and a request by misbehaving entity is made. 2.3.3 Performance Analysis CORE handles misbehaving nodes, DOS attacks and propagation of fake/negative information. Only positive information is shared with other nodes. There is no fear of revenge by sharing positive information instead of negative information. CORE uses functional reputation. A network work entity is considered for execution of a particular function if its reputation value is above a certain threshold else it is ignored. CORE does not exclude malicious node from network if the node is well reputed in a function. CORE is generic mechanism that can be integrated with network and application layer functions. 3 1. FINDINGS CONFIDANT, Watchdog Pathrater and CORE have complex architectures. Every node in MANETS should have the respective components in order to avail the benefits of corresponding techniques. Processing overhead increases because of complicated architecture. Node energy keep on wasting while monitoring the immoral behavior of network entities. More computation power is required by devices for trust computation of neighboring nodes [4].

5.

All these schemes are divergent i.e. Takeforwarding behavior of source node to evaluate the trust of neighboring node.

In the realm of above findings we have proposed Explicit No scheme that address all aforementioned concerns with reduced complexity, efficient processing and energy saving. 4 CPROPOSED SCHEME EXPLICIT NO

Malicious nodes always have intensions for grabbing network resources by dropping packets, causing DOS attacks and by sending packets to wrong destination [6]. In Explicit No technique, node itself informs the source node about its unavailability by sending intimation through an EXPLICIT NO packet. We have implemented this ad-on on AODV protocol. 4.1 Description

In AODV, broadcasted RREQ packet is received by all neighboring nodes. If any neighboring node is not available for some reason like link broken, low battery or congestion then it will send an Explicit No packet to originating node with a flag raise for unavailability and estimated time for which the node is not available. On receiving the Explicit No packet, source node marks the entry as idle against the respective node till the time of unavailability. It Source node then increments the trust value of respective node that sends Explicit No reply. This is because, that node is behaving fair enough as it itself informs about its inadequacy. Malicious node will never send back Explicit No as it is always interested in receiving packets for devastating network operations. Source node will select any other alternate route for transmitting data to destination.

2. 3.

4.

Fig.1. Explicit No scenario

213
Dr. M. Islam and M.Zareen / International Journal of Computer Networks and Communications Security, 1 (6), November 2013

Fig.2. Explicit No algorithm

SIMULATION
Table 1: Configuration Parameters

Method Simulator Network Area Channel Type Propagation Model Radio Range Duration MAC Layer Max packet in ifq Number of nodes Routing Protocol Antenna Model Transmission Range Traffic Source

Value NS-2.35 1500 *500 WirelessChannel TwoRayGround 3.65E-10 5sec 802.11 50 50 AODV Omni Directional 0.2818 UDP/CBR

Fig.4. Delay increases in start as there is overhead in transmitting through alternate route.

Fig.3. Simulation Topology for MANETS with 50 nodes

Fig.5. Packet loss is less when transmission takes place through a trusted node.

214
Dr. M. Islam and M.Zareen / International Journal of Computer Networks and Communications Security, 1 (6), November 2013

Fig.6. Throughput increases as trusted node forwardsmaximum packets Table 2: Comparison of Trust Management Schemes for Secure Routing

COMPARATIVE ANALYSIS

Fig. 7. Comparative Analysis of AODV and AODV with Explicit NO Table 3: Throughput, PD Ratio and Number of Dropped packets for AODV and AODV with Explicit NO

Fig. 8. Comparison of number of routing packets for AODV and AODV with Explicit NO

7 1.

OBSERVATIONS AND RESULTS Explicit No scheme has less simple architecture. No complex components are required in architecture. Nodes need not to be engaged in monitoring the misbehavior of malicious nodes hence node energy is conserved.

2.

215
Dr. M. Islam and M.Zareen / International Journal of Computer Networks and Communications Security, 1 (6), November 2013

3.

Trustworthiness for node sending Explicit No increases with more reliability. Computation overhead reduces in proportion to the Explicit No packets received. Bandwidth is utilized efficiently because no bandwidth will be consumed on the route that has unavailable node. Explicit No is convergent technique as it converges towards source node. Neighboring node themselves give intimation of being unavailable. Node availability decreases though the node is trustworthy enough but as it is not available for specific period of time hence its overall credibility will be reduced. Overall network availability gets reduced and is directly proportion to the number of nodes sending Explicit No packets for specified time interval. Due to congestion, delay, long hops throughput can vary depending on the status of the selected alternate route. CONCLUSION

nodes other than neighboring nodes can improve trust evaluation. Robust schemes need to be developed for motivating nodes to share trust values honestly. 9 REFERENCES

4.

5.

6.

7.

8.

9.

Trust Management in MANET is an existing field of research as trust is a multidimensional concept. There is no standard protocol or technique for calculating the Trust on network entities in MANET. In MANET trust based decisions are challenging tasks due to constraints in the form of dynamicity that include varying topology, node mobility, channel conditions along with resource constraints of memory, battery and processing power and bandwidth. Our proposed scheme Explicit No is robust w.r.t architecture, helps to evaluate trust with less complexity and saves power in terms of sensing malicious activities and misbehaving network entities. However, it offers overhead in terms of network and node availability. Most of the schemes are based on AODV and DSR protocols and Trust Management for secure routing is in its incubation phase. Interoperability among different trust management systems need to be addressed. Gathering information from remote

[1] S.Marti, T. Guiuli, K. Lai and M. Baker, Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Proc. 6th Annual ACM/IEEE Mobile Computing and Networking, Boston, MA, Aug.2000, pp.255265 [2] S. buchegger and J. Y. Le Boudec, Performance Analysis of the CONFIDANT Protocol: Cooperation Of Nodes-Fairness In Dynamic Ad-hoc Networks, Proc. 3rd IEEE/ACM Symposium on Mobile Ad Hoc Networking and Computing, Lausanne, CH, 911 June 2002, pp.226-236 [3] P. Michiardi and R. Molva, CORE: A Collaborative Reputation Mechanism to Enforce Node Cooperation in Mobile Ad Hoc Networks, The 6th IFIP Conf. on Security Communications, and Multimedia, Porotoz, Slovenia, 2002. [4] K. Govindan and P. Mohapatra, Trust Computations and Trust Dynamics in Mobile Adhoc Networks: A Survey, IEEE Communications Surveys and Tutorials, 2012, pp.279-298 [5] D.B.Jhonson and D.A.Maltz, Dynamic Source Routing in Ad Hoc Wireless Networks, Mobile Computing, Kluwer Academic Publishers, vol.353, pp. 153-181, 1996 [6] Y. Hu and A. Perrig, A Survey of Secure Wireless Ad Hoc Routing, IEEE Security and Privacy, vol.2, no. 3, pp. 28-39, May 2004 [7] Jin-Hee Cho, Anathram Swami, Ing-Ray Chen, A Survey on Trust Management for Mobile Ad Hoc Networks, IEEE Communications Survey & Tutorials, vol. 13, No. 4, Fourth Quarter 2011 [8] Patroklos G. Argyroudis and DonalOMahony, Secure Routing for Mobile Adhoc Networks, IEEE Communications Surveys, vol.7, No. 4