04-08-2012, 10:31 AM
Cluster Based Security Scheme for Mobile Ad Hoc Networks
Abstract
Secure communication in mobile ad hoc networks
is a crucial issue due to the dynamic nature of the network topology.
Due to the lack of centralized control, issuing certificates from a
centralized certification agent is not possible in an ad hoc network.
The major problem in providing security services in such
infrastructure-less networks is how to manage the cryptographic
keys that are needed. The unique characteristics of mobile ad hoc
networks cause a number of nontrivial challenges to security
design, such as open network architecture, shared wireless
medium, stringent resource constraints and highly dynamic
topology. In a MANET any node may compromise the packet
routing functionality by disrupting the route discovery process.
These challenges make a case for building a multi-fence security
solution that achieves both extensive protection and desirable
network performance. We propose a novel cluster based security
scheme to protect the mobile ad hoc network link layer and network
layer operations of delivering packets over the multihop wireless
channel.
INTRODUCTION
In an ad hoc network every node is self-organized and each node
can communicate directly with other nodes in the network. An
ad hoc network is composed of mobile terminals that
communicate with one another through broadcast radio
transmissions, i.e., transmissions that reach all the terminals
within the transmission power range. However, due to radio
range limitations, physical broadcasting does not cover all
terminals, so a multi-hop scenario results, where packets are relayed
by intermediate terminals to reach their destination.
Applications of mobile ad hoc networks can range from
military field communications, where networks must be
deployed immediately without the support of base stations and
fixed network infrastructures, to inter-vehicle communications,
designed for both traffic safety enhancement and entertainment
purposes.
RELATED WORK
The traditional key distribution protocols rely on
infrastructure with online trusted third parties. When the users
want to establish secure communication among them, each one
of them has to obtain a new session key from the key
distribution center. There are also a number of schemes extending
this approach to ad hoc networks. [5] presents a hierarchical
framework and key distribution algorithms for dynamic
environment, with a focus on how keys and trust relationships
are transferred when users move between so-called "areas" in
the hierarchy. When distance vector routing protocols such as
AODV [4] are used, the attacker may advertise a route with
smaller distance metric than its actual distance to the
destination or advertise a routing update with a larger
sequence number and invalidate all the routing updates from
other nodes. The attacker can create routing loops in the
network and channel contention in certain areas. Zhang and
Lee describe a distributed and cooperative intrusion detection
model where every node in the network participates in
intrusion detection and response [16]. Ad Hoc Routing
Algorithms are a set of design techniques that strengthen
MANET against DoS attacks [14].
SECURITY IN MANET
When discussing network security, three aspects can be
covered; the services required, the potential attacks and the
security mechanisms. The security services aspect includes the
functionality that is required to provide a secure networking
environment while the security attacks cover the methods that
could be employed to break these security services. Finally the
security mechanisms are the basic building blocks used to
provide the security services. Security is one of the important
aspects of this technology and it needs some serious attention.
Users within the network want their communication to be
secure. As current mobile ad-hoc networks do not have any
strict security policy, active attackers could easily
exploit or possibly disable the mobile ad-hoc
network. Security goals in mobile ad-hoc networks are reached
through cryptographic mechanisms such as public key
encryption or digital signatures. These mechanisms are backed
by centralized key management where a trusted Certificate
Authority (CA) provides public key certificates to mobile nodes
in order to develop mutual trust between nodes. Any
disturbance of the Certificate Authority can easily affect the
security of the entire network.
CLUSTER-BASED TOPOLOGY
Clustering is a method by which nodes are placed into
groups, called clusters. A cluster head is elected for each
cluster. A cluster head maintains a list of the nodes belonging
to the same cluster. It also maintains a path to each of these
nodes. The path is updated in a proactive manner. Similarly, a
cluster head maintains a list of the gateways to the neighboring
clusters. Using the information gathered from the members of
the cluster, each cluster head distributes the shares to the cluster
members. Each cluster head selects a set of gateway nodes. For
secure communication between nodes in different
clusters, gateway nodes can act as the trusted members of the
corresponding cluster. Through the trusted members, a secured
communication link can be established between two clusters.
The cluster head can operate as a trusted certificate authority
and it can distribute the certificate share to all cluster
members.
IMPLEMENTATION
In this section, we present our algorithm and protocols that
implement the localized security services and the self
initialization of the mobile ad hoc networks. For the proposed
clustering technique each node needs connectivity information
for one or more hops to execute the cluster creation and
maintenance algorithm. The cluster boundary or radius is
adjusted based on the congestion factor of the ad hoc network.
The degree of the node is used as the congestion factor cf. If
the congestion factor cf is greater than the maximum threshold tmax
(cf > tmax), it implies the ad hoc population is very high, so set the hop
count to one. If the congestion factor is between tmax and
the minimum threshold tmin (tmin <= cf <= tmax), it denotes the node
is in a medium populated area, so set the hop count to two to
create a strong connectivity. If the congestion factor cf is less
than tmin (cf < tmin), it implies the node is in a sparsely
populated area, so set the hop count to three to maintain the
strong connectivity.
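The radius rule above, applied to a whole topology, as an added example that is not code from the paper: each node's degree is taken as cf, mapped to a hop count, and a hop-limited breadth-first search collects the connectivity information that node would need for cluster creation. The threshold values (T_MIN, T_MAX), the function names and the sample topology are assumptions constructed for illustration.

```python
from collections import deque

# Assumed thresholds; the text names tmin and tmax but gives no values.
T_MIN, T_MAX = 2, 4

def hop_count(cf, t_min=T_MIN, t_max=T_MAX):
    """Map the congestion factor cf (node degree) to a cluster radius in hops."""
    if t_min > t_max:
        raise ValueError("t_min must not exceed t_max")
    if cf > t_max:
        return 1          # densely populated area
    if cf < t_min:
        return 3          # sparsely populated area
    return 2              # tmin <= cf <= tmax: medium populated area

def k_hop_neighbors(adj, node, k):
    """Hop-limited BFS: {neighbor: hop distance} for all nodes within k hops."""
    dist = {node: 0}
    queue = deque([node])
    while queue:
        cur = queue.popleft()
        if dist[cur] == k:        # radius reached, do not expand further
            continue
        for nxt in adj[cur]:
            if nxt not in dist:
                dist[nxt] = dist[cur] + 1
                queue.append(nxt)
    del dist[node]
    return dist

def cluster_views(adj):
    """Per node: (cf, hop count, connectivity information within that radius)."""
    views = {}
    for node, nbrs in adj.items():
        cf = len(nbrs)
        k = hop_count(cf)
        views[node] = (cf, k, k_hop_neighbors(adj, node, k))
    return views

# Constructed topology: dense hub A with a sparse chain F-G-H-I attached.
TOPOLOGY = {
    "A": {"B", "C", "D", "E", "F"}, "B": {"A", "C"}, "C": {"A", "B"},
    "D": {"A"}, "E": {"A"}, "F": {"A", "G"},
    "G": {"F", "H"}, "H": {"G", "I"}, "I": {"H"},
}

if __name__ == "__main__":
    for node, (cf, k, view) in sorted(cluster_views(TOPOLOGY).items()):
        print(f"{node}: cf={cf} hops={k} sees={sorted(view.items())}")
```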
CONCLUSION
Key establishment is the bottleneck to providing secure
infrastructure for ad hoc networks. Key pre-distribution
schemes are believed to be the best option for ad hoc
networks, but all of the existing schemes rely on a trusted third
party, thus limiting their use in ad hoc networks. Most of the
proposed routing solutions are, as yet, incomplete when it
comes to security issues. We can trust a routing mechanism
only when it guarantees that all transmissions will be protected.
Rather than treating the security problems on an individual basis,
we'll need to work out routing along with security in mobile
ad-hoc networks. In this paper we proposed a novel security
based routing protocol in which the packets are routed only
through the trusted members. The trust factor of a mobile node
is verified and monitored by neighbor verification and
neighbor monitoring modules. Based on the calculated credits,
other cluster members maintain their routing tables.