Design & Implementation of Dynamic Routing

In Wireless Networks
Abstract
In this project, I deal fully about the Security which has become one of the major
issues of data communication over wired and wireless networks. In the past decades, various
security-enhanced measures have been proposed to improve the security of data transmission
over public networks. Existing work on security-enhanced data transmission includes the
designs of cryptography algorithms, system infrastructures and security-enhanced routing
methods.
Different from the past work on the designs of cryptography algorithms and system
infrastructures, I am proposing a security enhanced Distributed Dynamic Routing Algorithm
(DDRA) that will randomize delivery paths for data transmission. DDRA algorithm is easy to
implement and compatible with popular routing protocols, such as the Routing Information
Protocol in wired networks and Destination-Sequenced Distance Vector protocol in wireless
networks, without introducing extra control messages.
The main objective of this project is to enhance routing methods by having
considerably small path-similarity (i.e., the number of common links between two delivery
paths) between two consecutive transmitted packets, which leads to improve our network
security from various security attacks. A series of simulation experiments are conducted to
show the capability of DDRA algorithm.
K.V. Satish Reddy
M.Tech 2
nd
Year (W.M.C)
Vardhaman College of Engineering, A.P
Satish74r@gmail.com
1
DESIGN & IMPLEMENTATION OF DYNAMIC ROUTING
IN WIRELESS NETWORKS
K.V.Satish Reddy
M.Tech (W.M.C)
Vardhaman College of Engineering,A.P
Satish74r@gmail.com
Abstract Security has become one of the major issues for data communication over wired and wireless
networks. Different from the past work on the designs of cryptography algorithms and system infrastructures, we
will propose a dynamic routing algorithm that could randomize delivery paths for data transmission. The
algorithm is easy to implement and compatible with popular routing protocols, such as the Routing Information
Protocol (RIP) in wired networks and Destination-Sequenced Distance Vector protocol (DSDV) in wireless
networks, without introducing extra control messages. Simulation experiments are conducted to show the
capability of the proposed Distributed Dynamic Routing Algorithm.
1 INTRODUCTION
In the past decades, various security-enhanced measures have
been proposed to improve the security of data transmission
over public networks. Existing work on security-enhanced
data transmission includes the designs of cryptography
algorithms and system infrastructures and security-enhanced
routing methods. Their common objectives are often to
defeat various threats over the Internet, including
eavesdropping, spoofing, session hijacking, etc.
Among many well-known designs for cryptography-
based systems, the IP Security (IPSec) and the Secure Socket
Layer (SSL) are popularly supported and implemented in
many systems and platforms. Although IPSec and SSL do
greatly improve the security level for data transmission, they
unavoidably introduce substantial overheads [1], [8].
2 PROBLEM STATEMENT
The objective of this paper is to explore a security enhanced
dynamic routing algorithm based on distributed routing
information widely supported in existing wired and wireless
networks. We aim at the randomization of delivery paths for
data transmission to provide considerably small path
similarity (i.e., the number of common links between two
delivery paths) of two consecutive transmitted packets.
A network could be modeled as a graph G = (N, L),
where N is a set of routers (also referred to as nodes) in the
network, and L is a set of links that connect adjacent routers
in the network. A path p from a node s (referred to as source
node) to another node t (referred to as destination node) is a
set of links (N
1
, N
2
) (N
2
, N
3
) . (N

,N
+ 1
), where s =N
1
,
N
+ 1
= t, N
]
N, and (N
]
,N
] + 1
) L for 1 j i. Let P
s ,t
denote the set of all potential paths between a source node s
and a destination node t.
Definition (Path Similarity)
Given two paths p

and p
]
the path similarity
Sim( p

, p
]
) for p

and p
]
is defined as the number of
common links between p

and p
]
:
Sim (p

, p
]
) = |{(N
x
, N

)|(N
x
, N

) p

(N
x
, N

) p
]
}|
Expected value of Path Similarity:
E [S i m
s ,t
]= Sim (p

, p
]
). Piob (p
]
| p

). Piob(p

)
p
i
,p
]
P
s ,t
Where N
x
and N

are two nodes in the network.

The path similarity between two paths is computed
based on the algorithm of Levenshtein distance [2].
3 SECURITY-ENHANCED DYNAMIC
ROUTING
In many distance-vector-based implementations, e.g., those
based on RIP, each node N

maintains a routing table (see

Table 1a) in which each entry is associated with a tuple
(t, w
N
i
,t
,Nexthop), where t, w
N
i
,t
, and Nexthop denote some
unique destination node, an estimated minimal cost to send a
packet to t, and the next node along the minimal-cost path to
the destination node, respectively. The routing table shown in
Table 1a is extended to accommodate our security-enhanced
2
dynamic routing algorithm. In the extended routing
table (see Table 1b), We propose to associate each entry with
a tuple (t, w
N
i
,t
, C
t
N
i
, E
t
N
i
). C
t
N
i
is a set of node candidates
for the nexthop, where one of the next hop candidates that
have the minimal cost is marked. E
t
N
i
, a set of tuples, records
the history for packet deliveries through the node N

to the
destination node t. Each tuple ( N
]
,
N
]
) in E
t
N
i
is used to
represent that N

previously used the node

N
]
as the next hop
to forward the packet from the source node N
]
to the
destination node t.
3.1 A Distributed Dynamic Routing Algorithm
The DDRA proposed in this paper consists of two parts:
1) Randomization process for packet deliveries.
2) Maintenance of the extended routing table.
3.1.1 Randomization Process
Consider the delivery of a packet with the destination t at a
node N

. In order to minimize the probability that packets are

eavesdropped over a specific link, a randomization process
for packet deliveries shown in Procedure 1 is adopted.
In this process, the previous next hop
s
(defined in
E
t
N
i
of Table 1b) for the source node s is identified in the first
step of the process (line 1). Then, the process randomly picks
up a neighboring node in C
t
N
i
excluding
s
as the next hop for
the current packet transmission. The exclusion of
s
for the
next hop selection avoids transmitting two consecutive
packets in the same link, and the randomized pickup prevents
attackers from easily predicting routing paths for the coming
transmitted packets.
Procedure-1 Randomized Selector (s,t,pkt)
1: Let
s
be the used nexthop for the previous packet delivery
for the source node s.
2: if
s
C
t
N
i

then
3: if |C
t
N
i

| > 1 then
4: Randomly choose a node x from {C
t
N
i

-
s
} as a
nexthop, and send the packet pkt to the node x.
5:
s
x, and update the routing table of N

.
6: else
7: Send the packet pkt to
s
.
8: end if
9: else
10: Randomly choose a node y from C
t
N
i

as a nexthop.
11:
s
y, and update the routing table of N

.
12: end if
3.1.2 Routing Table Maintenance
Let every node in the network be given a routing table and a
link table. We assume that the link table of each node is
constructed by an existing link discovery protocol, such as
the Hello protocol. On the other hand, the construction and
maintenance of routing tables are revised based on the well
known Bellman-Ford algorithm [3].
When a node N

receives a distance vector from a

neighboring node, Procedure 2 is used to maintain the next
hop candidates for each entry in the routing table of N

.Based
on Procedures 1 and 2, our security-enhanced dynamic
routing can be achieved without modifying the existing
distance-vector-based routing protocols such as RIP and
DSDV.
3
Procedure-2 DV PROCESS (t, W
N
j
,t
)
1: if the destination node t is not in the routing table then
2: Add the entry (t, ( w
N
i
,N
]
+ w
N
]
,t
),C
t
N
i
= {N
]
},E
t
N
i
= )
3: else if ( w
N
i
,N
]
+ w
N
]
,t
) < w
N
i
,t
then
4: C
t
N
i
{N
]
} and N
]
is marked as the minimal-cost
nexthop.
5: w
N
i
,t
( w
N
i
,N
]
+ w
N
]
,t
)
6: for each node N
k
N b r
]
expect N
]
do
7: if w
N
k
,t
< w
N
i
,t
then
8: C
t
N
i
C
t
N
i
U {N
k
}
9: end if
10: end for
11: Send (t, w
N
i
,t
) to each neighboring node N
k
N b r

.
12: else if (( w
N
i ,N
]
+ w
N
]
,t
) > w
N
i
,t
then
13: if (N
]
C
t
N
i
) then
14: if N
]
was marked as the minimal-cost nexthop then
15: w
N
i
,t
H I N
N
k
N b
i

( w
N
i
,N
k
+ w
N
k
,t
)
16 C
t
N
i

17: for each node N
k
N b r

do
18: if w
N
k
,t
< w
N
i
,t
then
19: C
t
N
i
C
t
N
i
U {N
k
}
20: end if
21: end for
22: Send (t, w
N
i
,t
) to each neighboring node N
k
N b r

.
23: else if w
N
]
,t
> w
N
i
,t
then
24: C
t
N
i
C
t
N
i
- {N
k
}
25: end if
26: else if (N
]
C
t
N
i
) ^ (w
N
]
,t
< w
N
i
,t
) then
27: C
t
N
i
C
t
N
i
U {N
]
}
28: end if
29: end if
4 PERFORMANCE EVALUATIONS
In this section we compare the performance of DDRA with
the popular Shortest-Path Routing Algorithm (SPRA) [11]
and the Equal-Cost Routing Algorithm (ECRA) [6], [9]. In
SPRA, only one path with the minimal cost is derived for
each source destination pair. On the other hand, more than
one path can be accommodated in ECRA if their delivery
costs are the same as that of the minimal-cost path.
A simulation model is constructed to investigate the
performance of the proposed methodology using ns-2
network simulator/Java. In the simulation model, the
DANTE Europe topology shown acts as a backbone network.
The average path similarity of the source-destination
pair is calculated by summing the path similarity of each two
consecutive packets divided by the packet number minus 1.
The same operation is done for the rest of source-destination
pairs. Finally, the value of E|S i m
P S
l
] can be obtained by
averaging the path similarity of all source-destination pairs
with the length l of minimal- cost paths.
Fig.1-DANTE-Europe-topology
In order to investigate the effect of traffic load on
throughput for our proposed DDRA, the traffic is also
generated based on variable-bit-rate applications such as file
transfers over Transmission Control Protocol (TCP). The
average packet size is 1,000 bytes, and source-destination
pairs are chosen randomly with uniform probabilities.
4.1 Effect of l on E |S | m
P S
|
]
Fig. 2 shows the experimental result of E|S i m
P S
l
] for
DDRA, ECRA, and SPRA under the DANTE Europe
topology from this figure, we observe that our DDRA-based
methodology greatly outperform SPRA and ECRA for all l
(length of the minimal-cost path) values under investigation,
which indicates that our DDRA provides larger path variation
and, thus, more secure packet routing.
Fig. 2. E|S i m
P S
l
] for DANTE Europe topology.
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
0
1
2
3
4
5
6
7
Length of The Minimal Cost Path (l)
A
v
e
r
a
g
e

P
a
t
h

S
i
m
i
l
a
r
i
t
y
SPRA
ECMP
DDRA
4
Also, the E|S i m
P S
l
] values for SPRA, ECRA, and
DDRA increase as l increases. The increasing rates for SPRA
and ECRA are much larger than those for DDRA especially
when l is large. Specifically, the E|S i m
P S
l
] value for
SPRA is the same as the length of minimal-cost path because
all packets always go through the minimal-cost path between
source-destination pairs. For all l values, the performance of
DDRA is better than that of SPRA and ECRA.
4.2 Effect of Traffic Load on Throughput
This section elaborates on the effect of traffic load on
throughput for SPRA, ECRA, and our DDRA. Fig 3 shows
the experimental result of the throughput under different
loads for DDRA, ECRA, and SPRA. From these figure, we
can observe that the throughput would be degraded when the
number of TCP flows increases (i.e., the traffic loads
increases).
Furthermore, for all values of traffic loads under
investigation, the performance of DDRA on the throughput is
superior as compared with that of ECRA and SPRA. This
phenomenon implies that our security-enhance dynamic
routing can provide more path variation against security
threats without sacrificing the end-to-end transmission
performance on the throughput.
Fig.3. Effect of traffic load on throughput for DANTE Europe
topology.
5 CONCLUSION
This paper has proposed a security-enhanced dynamic
routing algorithm based on distributed routing information
widely supported in existing networks. The proposed
algorithm is easy to implement and compatible with popular
routing protocols, such as RIP [13] and DSDV [12] over
existing infrastructures. Simulation experiments were
conducted to show the capability of the proposed algorithm,
for which we have very encouraging results. We must point
out that the proposed algorithm is completely orthogonal to
the work based on the designs of cryptography algorithms
and system infrastructures. Our security enhanced dynamic
routing could be used with cryptography-based system
designs to further improve the security of data transmission
over networks.
REFERENCES
[1] G.Apostolopoulos, V. Peris, P.Pradhan, and D.
Saha, Securing Electronic Commerce: Reducing
the SSL Overhead, IEEE Network, 2000.
[2] V.I.Levenshtein, Binary Codes Capable of
Correcting Deletions, Insertions, and
Reversals, Soviet Physics Doklady, vol.
10, no. 8, pp. 707-710, 1966.
[3] T.H. Cormen, C.E. Leiserson, and R.L.Rivest,
Introduction to Algorithms. MIT Press, 1990.
[4] S.Bohacek, J.P. Hespanha, K. Obraczka, J. Lee, and
C.Lim, Enhancing Security via Stochastic
Routing, Proc. 11
th
Intl Conf.
Computer Comm. and Networks (ICCCN), 2002.
[5] I. Gojmerac, T. Ziegler, F. Ricciato, and P. Reichl,
Adaptive Multipath Routing for Dynamic Traffic
Engineering,Proc. IEEE Global Tele-
communicatin Conf.(GLOBECOM), 2003.
[6] C. Hopps, Analysis of an Equal-Cost Multi-Path
Algorithm, Request for comments (RFC 2992),
Nov. 2000.
[7] J.F. Kurose and K.W. Ross, Computer
NetworkingA Top-Down Approach Featuring
the Internet. Addison Wesley, 2003
[8] S.-H. Liu, Y.-F. Lu, C.-F. Kuo, A.-C. Pang, and T.-
W. Kuo, The Performance Evaluation of a
Dynamic Configuration Method over
IPSEC, Proc. 24th IEEE Real-Time Systems
Symp.: Works in Progress Session (RTSS
WIP),2003.
[9] W. Lou and Y. Fang, A Multipath Routing
Approach for Secure Data Delivery, Proc.
IEEE Military Comm. Conf. (MilCom), 2001.
[10] W. Lou, W. Liu, and Y. Fang, SPREAD:
Improving Network Security by Multipath
Routing, Proc. IEEE Military Comm. Conf.
(MilCom), 2003.
[11] J. Moy, Open Shortest Path First (OSPF) Version 2,
Request for comments (RFC 1247), July 1991.
[12] C.Perkins and P. Bhagwat, Highly Dynamic
Destination Sequenced Distance-Vector
Routing (DSDV) for Mobile Computers,
[13] G. Malkin, Routing Information Protocol (RIP)
Version 2 Carrying Additional Information,
Request for comments (RFC 1723), Nov.1994.
1 2 3 4 5 6 7 8 9 10
0
1
2
3
4
5
6
7
8
9
10
TCP Flows (Traffic Load)
T
h
r
o
u
g
h
p
u
t
SPRA
ECMP
DDRA