Trusted Secure Geographic Routing Protocol for Detecting Insider Attacks in MANET

In Mobile Ad hoc Network (MANET), the nodes are linked to one another wirelessly and are self sustaining. The member nodes of MANET are very robust and minute. The deployment and maintenance of this network is less expensive and comparatively easy when compared with the conventional networks. However, MANET is highly susceptible to attacks due to its infrastructureless topology. The possible attacks vary over a wide range and affect the network in different levels. To overcome these attacks and safeguard the network performance, in this paper we propose to develop a trusted secure geographical routing protocol for detecting insider attacks. This routing protocol determines the trust value of its neighbouring nodes and based on it, packets are transmitted. The neighbouring nodes are monitored to check if they forward the packets successfully or not. In this way, trustworthy nodes are recorded and the untrustworthy nodes are determined to be malicious. The malicious nodes are omitted from routing process. INTRODUCTION Mobile Ad hoc Network (MANET) MANET is a self configuring network consisting of highly mobile member nodes which interact with each other. The network processing does not depend on any deployed infrastructure. The mobile nodes which are residing within the communication range of one another detect themselves and link wirelessly. When a node needs to communicate with another node which is not within its transmission range, then the intermediate nodes lying between the source and destination node, forward the packets to other intermediate nodes in the network till it is delivered at the destination. Thus, in MANET, the intermediate nodes work as routers [1].MANET is efficient in applications such as military, emergency purpose, etc due to its distributed topology [1]. The nodes in MANET are highly mobile in an unpredictable manner and are based on the flat geographical position data [2]. 188 Aruna Rao S.L. and Dr. K.V.N. Sunitha Attacks in MANET Attacks in MANET are mainly due to the malicious nodes, which compromise the network node privacy and integrity. In this way, the performance of the network is hindered [3]. Some of the attacks possible in MANET are ,black hole or grey hole attack, Sinkhole attack, Replay attack, Link Spoofing attack, Modification attack, Sybil attack, Colluding node attack , Flooding attack. Attack Prevention techniques in MANET To overcome the attacks in MANET and to enhance the network performance, several routing protocols have been designed. Routing protocols such as Dynamic Source Routing protocols and BSD’s ARP protocol are used to discover new secure routes and also solve the IP related issues [4]. Another way of avoiding attacks in MANET is by identifying valid nodes based on trust value. Inorder to achieve this, a trust management system is developed. In the trust management system, various characteristics of the network nodes are gathered, scrutinized and then used for deciding its validity [5]. RELATED WORKS Payal Khurana Batra et al [6] have proposed BT-GPSR: An Integrated Trust Model for Secure Geographic Routing in Wireless Sensor Networks. The BT-GPSR model is developed by the combination of the weighted trust model as well as the beta reputation system. After employing this technique, the network features like throughput, number of packets transmitted, packet delivery ratio, hop count, etc have enhanced by a drastic range when compared with the traditional techniques. Based on the simulation results, it is proved that the proposed technique performs better than the beta model as well as the weighted trust models. KunWang [7] have proposed A Secure Trust-Based Location-Aided Routing for AdHoc Networks. In the proposed technique, DBLAR is used in the reputation determination system to handle the security related issues like inability to protect the network data from attacks by the compromised nodes. The malicious nodes are detected based on their low trust value, which is calculated by the combination of the direct trust value and the recommendation trust values. The detected malicious nodes are then prohibited from packet forwarding operation. The simulation results prove that the proposed technique ensures security and better performance in the network. But, the overhead involved in this technique is higher. Hui Xia et al [8] have proposed a Trust prediction and trust-based source routing in mobile ad hoc networks. This routing protocol is developed on the basis of the previous experiences and prediction technique according to the logic rules. The trust based source routing protocol (TSR) is designed as an extension to the reactive trusted routing protocol to which the prediction trust value of the node is given as the input. Trusted Secure Geographic Routing Protocol for Detecting Insider Attacks in MANET 189 P. Raghu Vamsi et al [9] have proposed a Self Adaptive Trust Model (SATM) for secure geographic routing. In this paper, the SATM is combined with the Greedy Perimeter Stateless Routing protocol and the resulting network operation is analyzed. SATM technique is successful in detecting the malicious nodes with the aid of its robustness with respect to weight adjustment. Chen Lyu et al [10] have proposed an efficient and secure geographical routing (ESGR) technique against a series of attacks. The proposed ESGR technique ensures security by combining the associative one way hash function and the TESLA scheme. On the basis of the opportunistic mechanism, the broadcasting feature as well as the packet forwarding ability of the wireless links is used. The ESGR protocol protects the packets from the various attacks which compromises the packet by incorporating a single routing feature with the non centralized trust model. The ESGR technique is capable of withstanding the presence of the malicious nodes and also manages to achieve maximum throughput. However some delay is introduced in the network operation. TRUSTED SECURE GEOGRAPHIC ROUTING PROTOCOL Overview In this work, as an extension to the previous works, we propose to design a Trusted Secure Geographic Routing Protocol for detecting insider attacks. In this protocol, direct trust value is being estimated for each node based on the parameters number of packets forwarded (Pf) and number of packets forwarded without tampering Pwt. Trust value of other nodes is computed for a fixed trust update interval (TUI) [9]. To further detect neighbour nodes dropping or selectively forwarding packets, the sender overhears the wireless channel to check whether the packet is actually forwarded by its selected next hop node [10]. Finally, the total trust value for node is produced by combining the location trusted information and direct trusted information. Then the routing metric is represented in terms of the combined trust value such that nodes with lowest trust values are omitted from routing table. 190 Aruna Rao S.L. and Dr. K.V.N. Sunitha Trust value is recorded in the routing table of the estimating node Nodes with higher trust values are used for packet transmission Figure 1: Block Diagram Packet routing Agent monitors packet forwarding and integrity maintenance functionalities of other nodes Agent estimates weight factor and expectation factor of these two functionalities Trust value of each functionality is estimated Total trust value at every TUI is estimated Packet is transmitted to the next hop node Direct trusted information is estimated Location trusted information is estimated Total trusted information is estimated Overall trust value of each related node is estimated Nodes with lower trust value are omitted from routing table Trust estimation at Trust update interval (TUI) Direct and location trust information Trusted Secure Geographic Routing Protocol for Detecting Insider Attacks in MANET 191 Trust Value Estimation for Fixed TUI In the network, each node maintains an agent. This agent is responsible for computing the trust value of the neighbouring nodes. The trust value estimation is based on the weight element and expectation element of two functionalities, namely packet forwarding function and packet integrity maintenance. During interaction and observations with neighbours, a positive experience (α) is rated as 1 and a negative experience (β) is rated as 0. Reputation score is the expectation value of Beta probability density function (PDF). The trust value of the surrounding nodes is calculated by every respective node regularly at fixed trust update interval (TUI) [9]. This process is described in algorithm 1. Algorithm 1 Notations: 1. F : Functionality 2. i : integer 3. W(Fi) : weight element of each functionality 4. NOI : Number Of Interactions 5. E(Fi) : Expectation element of each 6. α : functionality positive positive experience 7. β : negative experience 8. T(F1) : trust value for the packet forwarding functionality 9. T(F2) : trust value for the packet integrity maintenance functionality 10. E(F11) : Expectation value of sincerity in packet forward 11. E(F12) : Expectation value of network acknowledgment 12. E(F21) : Expectation value of sincerity in maintaining packet integrity 13. E(F22) : Expectation value of node authentication 14. TTTUI : total trust value evaluated at fixed TUI 192 Aruna Rao S.L. and Dr. K.V.N. Sunitha Algorithm: 1. The agent in each node in the network monitors its neighbour nodes to keep a check on the surrounding environment. 2. The agent estimates the weight element for each functionality, based on (1). W(Fi) = NOI(Fi)/[NOI(Fi) + 1] (1) 3. The agent estimates the expectation element for each functionality based on (2). E(Fi) = α / [α + β] (2) 4. Next T(F1) is estimated by the agent based on (3). T(F1) = W(F1) * [E(F11) + E(F12)] (3) 5. Then the T(F2) is estimated by the agent based on (4). T(F2) = W(F2) * [E(F21) + E(F22)] (4) 6. After the estimation of the trust value of each functionality, TTTUI is estimated by the agent as TTTUI = T(F1) + T(F2) (5) 7. The trust value estimated is recorded in the routing table of the node along with the other related information of the corresponding neighbour node. This trust value information is recorded in the routing table and updated every TUI. In this way, the trust value of every neighbouring node is determined and recorded by each node in the network. Trust Value Estimation based on Location and Direct Trust Information After recording the trust information based on the weight and expectation factors, the packets are transmitted. After reaching the intermediate node, there are possibilities for the packet to get dropped. To determine if the packets are forwarded or dropped by the next hop node, the sender node overhears the wireless channel and based on the actions of the next hope node, its current trust value is computed. This process is described in algorithm 2. Algorithm 2 Notations: 1. m : sending node 2. n : next hop node 3. Pf : number of packets forwarded 4. Pwt. : number of packets forwarded without tampering 5. DTn : Direct Trust information of n Trusted Secure Geographic Routing Protocol for Detecting Insider Attacks in MANET 193 6. LTn : Location Trust information of n 7. Dmn : distance between m and n 8. Xm : coordinates of node m’s location 9. Xn : coordinates of node n’s location 10. Ø : predefined constant 11. TTn : total current trust value of n 12. TTTUI(n) : total trust value of n evaluated at fixed TUI 13. TT(n) : overall trust value of n