31-10-2016, 02:29 PM
The main function of the IP layer in a MANET is to perform end-to-end delivery of data, i.e. from source to destination. A routing protocol for MANET should have the following features [2]:
1. It must be distributed, as centralized routing involves high control overhead and is not scalable.
2. It must be adaptive to frequent topology changes caused by the mobility of nodes.
3. Route computation and maintenance must involve a minimum number of nodes. Each node in the network must have quick access to routes; it means minimum connection setup time is desired.
4. It must be localized, as global state maintenance involves a huge state propagation control overhead.
5. It must be loop-free and free from stale routes.
6. It must converge to optimal routes once the network topology becomes stable.
7. It must optimally use scarce resources such as bandwidth, memory, computing power and battery power.
8. Every node in the network should try to store information regarding the stable local topology only.
1.3 Wormhole Attack
A wormhole attack [3] is a severe attack that occurs between two malicious nodes via in-band or out-of-band channel connectivity. The first adversary receives packets at one location and tunnels them to the next adversary at another location. It is a type of denial of service attack that can affect the network.
For example, in Figure 2, the source node (S) sends packets to the destination through the normal path (S-A-B-C-D), but these packets are also eavesdropped by the first malicious node (X) and then tunneled to the second malicious node (Y). Y then transmits them to the destination node (D) before they arrive at D via the normal path. So the rest of the packets that follow the normal path will be dropped by the destination.
1.2 Classification of Routing Protocols
1.2.1 Proactive or table driven routing protocol
In a table-driven routing protocol, each node maintains the network topology information in the form of routing tables, periodically exchanging routing information to maintain a consistent and up-to-date view of the network when the topology changes. When a node requires a path to a destination, it runs an appropriate path-finding algorithm. The routing table uses sequence numbers to find the latest route. Some existing proactive protocols are Destination Sequence Distance Vector (DSDV), Global State Routing (GSR), and Clustered Gateway Switch Routing (CGSR) [4].
1.2.2 Reactive or on-demand routing protocol
Protocols in this category do not maintain topology information and are described as a lazy approach to routing. A route is established when it is required; these protocols neither maintain routing information nor exchange information periodically. The route remains valid until it is no longer needed. Dynamic Source Routing (DSR) and Ad-hoc On-demand Distance Vector Routing (AODV) are routing protocols of this category.
1.2.3 Hybrid routing protocol
A hybrid routing protocol combines the best features of the above two protocol categories. Within a certain geographical domain a table-driven approach is used, and beyond this domain an on-demand approach is applied. Examples are Zone Routing Protocol (ZRP) and Wireless Ad hoc Routing Protocol (WARP).
Many security schemes from different aspects of MANET have been proposed in order to protect the routing information or data packets during communications, such as secure routing protocols and secure key management solutions. Due to resource scarcity (battery power, memory, and processing power) of nodes, securing MANET is quite different from traditional schemes that generally involve management and safe keeping of a small number of private and public keys. The security mechanism for MANET, on one hand, must require low computation complexity and a small number of appended messages to save the node energy. On the other hand, it should also be competitive and effective in preventing misbehaviors or identifying misbehaving nodes from normal ones. However, most of these schemes assume that there are trusted third parties or centralized servers who are responsible for issuing digital certificates and keys or monitoring the behaviors of other nodes. Centralized servers or trusted parties make the network more controllable, but they destroy the self-organizing nature of MANET and reduce the network scalability. Even when some schemes distribute the servers across many nodes, there are still bottlenecks due to centralization.
If the scheme distributes the functions of servers into each node of the network, it will introduce significant performance overhead. What’s more, by requiring nodes to generate and verify digital signatures all the time, these solutions often bring huge computation overhead [5], [6], [7]. Therefore, we need a self-organized lightweight security scheme for mobile ad hoc networks.
Secure Ad-hoc on demand distance vector Routing (SAODV):
Secure AODV (SAODV) is a secure version of AODV. It provides features such as integrity, authentication, and non-repudiation of routing data. It incorporates two schemes for securing AODV. To preserve the collaboration mechanism of AODV, SAODV includes a kind of delegation feature that allows intermediate nodes to reply to RREQ messages. This is called the double signature: when a node A generates a RREQ message, in addition to the regular signature, it can include a second signature, which is computed on a fictitious RREP message towards A itself. Intermediate nodes can store this second signature in their routing table, along with other routing information related to node A. If one of these nodes then receives a RREQ towards node A, it can reply on behalf of A with a RREP message, similarly to what happens with regular AODV. To do so, the intermediate node generates the RREP message, includes the signature of node A that it previously cached, and signs the message with its own private key. SAODV does not require additional messages with respect to AODV. Nevertheless, SAODV messages are significantly bigger, mostly because of digital signatures. Moreover, SAODV requires heavyweight asymmetric cryptographic operations: every time a node generates a routing message, it must generate a signature, and every time it receives a routing message (also as an intermediate node), it must verify a signature. This gets worse when the double signature mechanism is used, because this may require the generation or verification of two signatures for a single message. SAODV allows the AODV routing data to be authenticated. Two mechanisms are used to achieve this: hash chains and signatures [6].
Reliable Ad-hoc On-demand Distance Vector Routing (RAODV):
The existing AODV has been extended to RAODV by adding two types of control packets: Reliable Route Discovery Unit (RRDU) and RRDU Reply (RRDU_REP). RRDU messages are control packets sent by the source node, along with an RRDU-ID, to the destination at regular intervals, and the RRDU_REP message is the destination's response to an RRDU, sent to the source node. RRDU_REP can only be generated by the destination. There is no impersonation, i.e. no node other than the destination can generate RRDU_REP on behalf of the destination. A Reliability List (RL) field is also added to the routing table entry. An entry in the RL has a Source address, a field called Forward Data Packet Count (FDPC) and an RRDU-ID, i.e. the triplet (Source address, FDPC, RRDU-ID). The routing table entry format of RAODV is the same as that of AODV except for the additional RL field. RAODV uses RREQ and RREP messages for route discovery and RERR and HELLO messages for route maintenance, as in AODV. In addition, RAODV also uses RRDU and RRDU_REP to help discover the path and for reliability maintenance. In RAODV the path discovery can be thought of as consisting of two phases. Phase I is the same as in AODV. Whenever a node wishes to communicate with another node, it looks for a route in its table. If a valid entry is found for the destination it uses that path; otherwise the node broadcasts the RREQ to its neighbors to locate the destination [8] [9].
ARAN (Authenticated Routing for Ad-hoc Networks):
ARAN provides authentication, message integrity and non-repudiation in ad-hoc networks by using a preliminary certification process, which is followed by a route instantiation process that ensures end-to-end security services. But it needs the use of a trusted certification server. The main disadvantage of the protocol is that every node that forwards a route discovery or a route reply message must also sign it, which is very power consuming and causes the size of the routing messages to increase at each hop [10][11].
Moreover, some authentication measures, such as digital signature, can be performed in a more flexible way based on the trust value so the system overhead can be greatly reduced. Based on this trust model, we design our secure routing protocol for MANET according to Ad hoc On-demand Distance Vector (AODV) routing protocol.
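The SAODV section above names hash chains as one of its two mechanisms without showing how they work. The following added example (not part of the original post or of any SAODV implementation) sketches the hop-count hash chain as commonly described for SAODV; SHA-256, the field names and the seed are assumptions, and the originator's signature over the fixed fields is left out.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, replace
from typing import Optional, Tuple

def h(data: bytes, times: int = 1) -> bytes:
    """Apply the one-way function (SHA-256, an assumption) `times` times."""
    for _ in range(times):
        data = hashlib.sha256(data).digest()
    return data

@dataclass(frozen=True)
class RouteMsg:
    hop_count: int       # changes at every hop, so it cannot be signed
    hash_value: bytes    # changes at every hop, protects hop_count
    max_hop_count: int   # fixed by the originator (signed in SAODV)
    top_hash: bytes      # fixed by the originator (signed in SAODV)

def originate(max_hop_count: int, seed: Optional[bytes] = None) -> RouteMsg:
    """Originator: Hash = seed, Top_Hash = h^MaxHopCount(seed)."""
    seed = seed if seed is not None else os.urandom(32)
    return RouteMsg(0, seed, max_hop_count, h(seed, max_hop_count))

def verify(msg: RouteMsg) -> bool:
    """Receiver check: h^(MaxHopCount - HopCount)(Hash) must equal Top_Hash."""
    remaining = msg.max_hop_count - msg.hop_count
    if remaining < 0:
        return False
    return hmac.compare_digest(h(msg.hash_value, remaining), msg.top_hash)

def forward(msg: RouteMsg) -> RouteMsg:
    """Honest intermediate node: verify, then advance hop count and hash together."""
    if not verify(msg):
        raise ValueError("hop count does not match hash chain; message dropped")
    return replace(msg, hop_count=msg.hop_count + 1, hash_value=h(msg.hash_value))

def demo() -> Tuple[bool, bool]:
    # Constructed seed so the run is reproducible; real nodes use a random one.
    msg = originate(max_hop_count=8, seed=b"constructed-seed-for-demo")
    for _ in range(3):                     # three honest hops
        msg = forward(msg)
    honest_ok = verify(msg)                # hop_count 3 with h^3(seed)
    # Advertising a shorter route would need h^1(seed), which cannot be
    # derived from h^3(seed); the next receiver's check fails.
    understated = replace(msg, hop_count=1)
    return honest_ok, verify(understated)

if __name__ == "__main__":
    print(demo())
```

The chain only stops a node from lowering the hop count; the signature described in the SAODV section is still what authenticates the originator and the fixed fields.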