GRD Journals- Global Research and Development Journal for Engineering | Volume 5 | Issue 7 | June 2020 ISSN- 2455-5703
Security of Data with Enhanced Technique of AASR Protocol for Secure Cross Layer Routing in MANET Adithya Aithal UG Student Department of Computer Science and Engineering Srinivas School of Engineering, Mukka, Mangalore Akshay D Bhat UG Student Department of Computer Science and Engineering Srinivas School of Engineering, Mukka, Mangalore
Mrs. Shifana Begum Assistant Professor Department of Computer Science and Engineering Srinivas School of Engineering, Mukka, Mangalore
Abstract MANET supports communication without any wired medium and with layered architecture. It does not uses any infrastructure support. Present alternative to the layered architecture is cross layer design approaches and the interaction between the layers are supported. The security of CLPC (Cross Layer Design Approach for Power control) routing protocol will be discussed in this paper. The transmission power and finding the effective route between source and destination can be improved by CLPC. The reliable path between the source and destination can be determined by RSS from the physical layer, but it is vulnerable to the DOS attacks. Here we propose a Secure cross layer power control protocol SCLPC to placate the attacks on CLPC. The SCLPC protocol provides better results for the network matrices as throughput, delay and packet delivery ratio. Keywords- MANET, CLPC, RSS, DOS Attacks
I. INTRODUCTION MANET Mobile Adhoc Network is a dynamic, decentralized and also an infrastructure less network which we use for communication. Here destiny can vary and mobility speed can be high [1]. The challenging issues for MANET are battery constraints, high mobility, link breakage and limited bandwidth. The architecture here which is layered allows the designer to target only specific parameter which is limited to the layer. But as we see in cross layer design the parameter of one layer can be interfaced with the other layer. It also provides the cross layer optimization and QOS [2]. The Cross layer based approach will provide better results but the security of cross layer based designs are challenging issues. Transmission power related issues can directly affect the various network parameters. In this paper firstly we simulate the CLPC [3] under attacking behaviour and compare the different metrics. Then we propose the security model SCLPC that is based on anonymity and authentication. Anonymous communication means identities of source and destination nodes cannot be revealed to other nodes also the link or traffic between source and destination cannot be recognized by any other node [4]. Nodes are aliased with pseudonym. To defend any type of attacks and to prevent the intermediate nodes from modifying the packets, RREQ packets are authenticated by group signature and key encrypted onion routing with route secret verification message is designed to prevent the intermediate nodes from inferring as destination.
II. RELATED WORK K. Suresh Babu and K. Chandra Sekharaiah [5] implemented CLDASR (Cross layer based detection and authentication technique for secure multipath routing) protocol against the network layer attack i.e. black hole, gray hole. Sreedhar C., Dr.S.Madhusudana Verma, Dr.S.Kasiviswanath[6] proposed cross layer based secure routing protocol CSR-MAN.They implemented interaction of Physical layer, MAC layer and Network layer. By calculating RSS value at physical layer, node then calculates the available bandwidth at MAC layer. Azza Maohammed, Boukli Hacene Sofiane and Faraoun Kamel Mohamed [7] propose CrossAODV as a secure cross layer routing protocol with crossK. Suresh Babu and K. Chandra Sekharaiah [5] implemented CLDASR (Cross layer based detection and authentication technique for secure multipath routing) protocol against the network layer attack i.e. black hole, gray hole. Sreedhar C., Dr. S. Madhusudana Verma, Dr. S. Kasiviswanath [6] proposed cross layer based secure routing protocol CSR-MAN.They implemented interaction of Physical layer, MAC layer and Network layer. By calculating RSS value at physical layer, node then calculates the available bandwidth at MAC layer. Azza Maohammed, Boukli Hacene Sofiane and Faraoun Kamel Mohamed [7] propose CrossAODV as a secure cross layer routing protocol with cross layering of MAC layer and Network layer.
All rights reserved by www.grdjournals.com
78
Network Protocols, Schemes, Mechanisms for Internet of Things (IoT): Features and Open Challenges (GRDJE/ Volume 5 / Issue 7 / 010)
They suggested the verification and validation of routing information through RTS/CTS frame. Joseph Soryal, Tarek Saadawi proposed a mechanism for endto-end Cross Layer Design protocol in a totally distributed environment to detect and react to DoS attacks targeting IEEE 802.11 MAC layers.R. Madanmohan and K. Selvakumar proposed a cross layer design approach for power control.
III. CROSS LAYER DESIGN FRAMEWORK WITH MALICIOUS BEHAVIOR In CLPC nodes collects the RSS values from their neighbors using hello packets and using dynamic transmission power control mechanism every node calculates minimum RSS, Average RSS and Maximum RSS. Source generally selects the nodes with a min distance (1-hop) from it and having max RSS. Nodes with max RSS value are considered as more durable and reliable. These RSS from physical layer are interfaced to the network layer by MAC layer. And depending on RSS values the routing decision are made. The timely updated RSS values allows the node to modify the transmission power at the physical layer. In this each node calculates the Average of all its neighbors RSS as and define three threshold as your paper; use the scroll down window on the left of the MS Word Formatting toolbar. A_RSS =∑ni=1RSSi/n A_Min_RSS =∑i=1MIN_NODERSSi/MIN_NODE where RSSi < A_RSS A_Max_RSS=∑i=1MAX_NODERSSi/MAX_NODE where RSSi > A_RSS Using these values every node determines the communication region and source nodes arrange the nodes region wise based on node’s RSS value. Source nodes broadcast the RREQ to nodes on Maximum communication region and intermediate nodes determines the RSS to decide whether or not to broadcast it to the next node. In the CLPC.CC we add the code for malicious behaviour and in tcl script we apply attack code on the specific nodes ad follows: CLPC::command(int argc, const char*const* argv) { if(strcmp(argv[1], "attack") == 0) { malicious = true; return TCL_OK; }} / /if I am malicious node if (malicious == true ) { drop(p, DROP_RTR_ROUTE_LOOP); printf ("Malicious Attacker Active in current round....!\n" ); In tcl script we add code for malicious node for {set i 31} {$i < 35 } {incr i} && for {set i 51} {$i < 55 } {incr i} { $ns_ at 25.0 "[$node_($i) set ragent_] attack" $ns_ at 0.5 "$node_($i) add-mark m red square" $ns_ at 0.5 "$node_($i) label A" }
IV. PROPOSED SECURE ROUTING MECHANISM USING ANONYMOUS ROUTING As mentioned above under malicious behaviour CLPC has been occurred with less performance metrics. It has been proved that Cross layer design protocols [10] are better but security of such protocols is important and we should detect and mitigate the attacks. We have attempted to implement AASR (Authenticated Anonymous secure routing). The SCLPC works as mentioned in the steps (i) Every node can collect the neighbours RSS by broadcasting hello packets and compute the threshold value as discussed in section 3. It is difficult for attacker to measure the individual RSS values of nodes. (ii) At Routing layer, a node from Maximum communication region with RSS > A_RSS along with verified group signature key is selected for broadcasting the RREQ. (iii) Attacker cannot modify these RSS values and we can keep all the anonymous by assigning the pseudonyms. (iv) For intermediate nodes we are using key encrypted onion routing with route secret verification message from inferring as destination. The RSS can be computed by MAC layer and using dynamic transmission control power it is updated in routing table of node timely. If we succeed to keep the source, destination, route of transmission and RREQ and RREP packets anonymous then we can able to mitigate the attacks strongly. This paper assumes that all nodes have the same propagation range, which can be altered depending on the 1-hop neighbour’s coverage. A. Network Assumption Let T represents the MANET network then following are the assumptions for anonymous routing
All rights reserved by www.grdjournals.com
79
Network Protocols, Schemes, Mechanisms for Internet of Things (IoT): Features and Open Challenges (GRDJE/ Volume 5 / Issue 7 / 010)
1) Public Key Infrastructure Each node T initially has a pair of public/private keys issued by a public key infrastructure (PKI) or other certificate authority (CA). For node A , its public/private keys are denoted by KA+ and KA-. 2) Group Signature We consider the entire network T as a group and each node has a pair of group public/private keys issued by the group manager. The group public key, denoted by GT+, is the same for all the nodes in T, while the group private key, denoted by GA- (for A ďż˝ T), is different for each node. 3) Neighborhood Symmetric Key Any two nodes in a neighborhood can establish a security association and create a symmetric key with their public/private keys. For two nodes A and B, the shared symmetric key is denoted by KAB and used for the data transmissions between them. B. Protocol Design AASR is adhoc on demand based routing protocol with functions of route discovery, data transmission and route maintenance. We implemented AASR in CLPC and named this as SCLPC (Secure Cross Layer based Power control Protocol). The design of protocol is as follows. Every node computes the RSS value of its adjacent nodes. And as discussed above formulates three regions depending on RSS value. After computing the RSS from neigh borer (generally 1-hop), source node S initiates route discovery to find its destination D. S forwards RREQ to nodes belonging to max communication region with RSS > A_RSS. When RSS is high nodes are nearer to each other of generally 1-hop distance. We assume source S knows destination D. Following Procedure is performed by SCLPC.
Fig. 1: Network Topology
1) S Store Following Entries in RREQ
Where ND - Aliased name of Destination, Dest: Destination binary string, KD+: Destination Public key, KSD: Symmetric key for Source & Destination 2) Source node encrypts the above message in RREQ by using its private group signature key and S again broadcasts the RREQ S ->* : [RREQ; Nsq; VD; VSD; Onion(S)]GSWhere Nsq- Sequence no. of RREQ, VD - Encrypted message for request validation at destination. VSD-Encrypted message for route validation at intermediate nodes. Onion(s) - key encrypted onion created by S. 3) VSD = (Nv)Kv Where Nv is one time nonce (password) generated by S for Destination D for route verification, Kv is symmetric key 4) The secret message VD is defined as VD = Nv; Kv; destKSD, KSDK+
All rights reserved by www.grdjournals.com
80
Network Protocols, Schemes, Mechanisms for Internet of Things (IoT): Features and Open Challenges (GRDJE/ Volume 5 / Issue 7 / 010)
5) Onion(S) can be defined as Onion(S) = OKv (NS), Where NS is on time generated nonce or password and encrypted by Symmetric key which will only be decrypted at destination. Source generates core of onion and every intermediate node go on encrypted layer with its symmetric key. 6) After transmitting the RREQ, S creates new entry in routing table as
7) Every intermediate node maintains neighborhood table. e.g. from fig. 1 we can see that node I is neighbour of node S and J. Then neigh borer table of 1 is
From neighborhood table I know that RREQ packet is received from neighbor S. As RREQ is received by node I from node S, Node I decrypts RREQ by applying its group public key and determine sequence number Nsq. If sequence number is not updated in routing table then it is considered as fresh RREQ and can be forwarded to other node. Timestamp checks whether the RREQ with sequence no is already generated. If Sequence number exists in routing table but with old timestamp then it is assumed to be processed RREQ and will be ignored. If sequence number persists but with fresh time stamp then it is considered as malicious [12]. It is to be noted that intermediate nodes cannot decrypt VD and VSD they only can encrypt onion(S) sent by source S and put their group private signature key. Onion(I) = OKSI (NI ;Onion(S)). Intermediate nodes will broadcast the RREQ as I ->* : [RREQ; Nsq; VD; VSD; Onion(I)]GI8) At Destination, when RREQ is received, D decrypts it by using public group signature key. And validates VD and using Symmetric key KSD it decrypts VSD. 9) Destination D generates RREP as D ->* : (RREP ; Nrt; Kv;Onion(J) KJD) Where Nrt is route pseudonym or aliased route name generated by D. KJD is symmetric key stored in neighborhood table of node J , J Decrypts onion and from neighbourhood table it forwards the RREP to next node I. J will verify the linkage of the received RREP with its stored RREQ. It tries to use the obtained Kv to decrypt the verification message VSD stored in its routing table. Once J finds the matched VSD, it will update the corresponding routing entry as follows:
10) When RREP reached at source, it validates the route as Now S can send the data to D. The format of the data packet is defined as follows: S ->D: (DATA; Nrt; <Pdata>KSD)
V. RESULTS
All rights reserved by www.grdjournals.com
81
Network Protocols, Schemes, Mechanisms for Internet of Things (IoT): Features and Open Challenges (GRDJE/ Volume 5 / Issue 7 / 010)
All rights reserved by www.grdjournals.com
82
Network Protocols, Schemes, Mechanisms for Internet of Things (IoT): Features and Open Challenges (GRDJE/ Volume 5 / Issue 7 / 010)
VI. CONCLUSION AND FUTURE WORKS CLPC protocol is cross layer based protocol designed to overcome the problem of link breakage. Discovering the new route from source to destination through reliable and secure routers consumes large overhead in terms of routing load. In CLPC RSS are used to decide the optimum route and its dynamic transmission power control mechanism predicts the link breakage. It is giving optimum performance but for malicious attack, the performance is under influence and attacker can disrupt the network functions. Hence the objective of designing the SCLPC is to provide secure and reliable routing service for MANET using cross layer design to mitigate various DOS attack. To defend such attack we proposed solution using AASR protocol and as shown in simulation results (fig 2a to 2d and 3a to3d) SCLPC has better performance against MCLPC. Future work is to achieve the optimum performance as imposed security using anonymous routing incurs the routing load and increased the end to end delay.
REFERENCES [1] [2] [3] [4] [5] [6] [7]
Amit A Bhusari “Review and Classification for cross layer Routing protocol for MANET”. Vineet Srivatsa “”Cross Layer design a survey and road ahead”. A sarfaraz ahmed “Cross Layer Design approach for power control.” Vey Liu “Authenticated Anonymous secure routing for Manets in adversarial environments”. K suresh chandra “CLDASR in MANET”. Sreedhar C “Cross Layer based secure routing in MANET”. Azza Mohammed “A cross layer for detection and ignoring backhole attack in MANET”
All rights reserved by www.grdjournals.com
83