SHARP : Secured Hierarchical Anonymous Routing Protocol for MANETs

Transcription

1 SHARP : Secured Hierarchical Anonymous Routing Protocol for MANETs Remya S MTech, Network Engineering Department of Information Technology Rajagiri School of Engineering and Technology remya.sasidharanpillai@yahoo.com Lakshmi K S Assistant Professor Department of Information Technology Rajagiri School of Engineering and Technology lakshmiks@rajagiritech.ac.in Abstract Mobile ad-hoc network (MANET) is one of the developing fields for research and development of wireless network. MANETs are self-organizing, infrastructure less, independent, dynamic topology based, open and decentralized networks. This is an ideal choice for uses such as communication and data sharing. Due to the open and decentralized nature of the network the nodes can join or leave the network a s they wish. There is no centralized authority to maintain the membership of nodes in the network. In MANETs security is the major concern in applications such as communication and data sharing. These are so many chances of different t y p e s of attacks d u e to self- organizing property of MANETs. Malicious attacker may try to attack t h e data p a c k e t s by tracing the route. They may try to find the source and destination through different t y p e s attacks. MANETs are vulnerable to malicious attackers that target to damage and analyze data and traffic analysis by communication eavesdropping or attacking routing protocols. Anonymous routing protocols are used by MANETs that h i d e s the identity of nodes as well as routes from outside observers. In MANETs anonymity means identity and location anonymity of data sources and destinations as well as route anonymity. However existing anonymous routing protocols have significantly high cost, which worsens the resource constraint problem in MANETs. This paper proposes Secured Hierarchical Anonymous Routing Protocol (SHARP) based on cluster routing. SHARP offers anonymity to source, destination, and routes. Theoretically SHARP achieves better anonymity protection compared to other anonymous routing protocols. to apply in critical situations like battle fields and commercial applications. Due to the dynamic topology and other great features MANET attracts to different real world applications. Ad-hoc networks are self-organizing and adaptive features make them a perfect choice for uses such as communication and data sharing. Because of openness and decentralization features, the members of the MANETs are not able to constrain the membership. MANETs are vulnerable due to mobility of nodes, threats from the nodes that are inside with in the network, limited security, scalability, dynamic topology and lack of centralized authority. So they are prone to malicious entities that objective to analyze and damage the information and the route by eavesdropping or attacking the routing protocols. MANETs characteristics There is no central monitor or authority for the network operations, the control is distributed among the nodes in the network. Communication between the nodes by direct interaction or by intermediate nodes that is multihop routing. In MANETs the nodes are independent or autonomous. Shared wireless communication medium. Nodes can move independently with different speeds, so the network topology is dynamic. Keywords- Anonymous routing, cluster-based routing, random forwarder, Cryptographic techniques, RSA. I. INTRODUCTION Mobile Ad-hoc Networks are a collection of mobile nodes that can communicate to each other through radio waves either directly or by intermediate nodes. The nodes in the network can communicate with every other without a physical infrastructure regardless of their physical location. So the MANETs are open, infrastructure less and decentralized. These features enable them to work anywhere without the help of centralized authority or base stations. MANET is a promising technology and has great strength Figure. 1. MANETs /15/$ IEEE

2 MANETs are self-organizing networks. They can move independently in the network that makes the frequent connection breakage between devices. Due to the absence of a central authority, the major challenge that the MANETs are facing is security. It is difficult to maintain an end-to-end route in an ad-hoc network because of its infrastructure less and dynamic topology features. Resource constraints are built in problem MANETs, where in every node works under an energy constraint. The multimedia applications impose higher requirement of routing efficiency. Challenges in MANETs are due to their distributed control, resource constraints, security threats, scalability, no predefined Boundary, adversary inside the Network, limited bandwidth, dynamic topology, routing Overhead, hidden terminal problem, packet losses, mobility- induced route changes, wireless medium and node mobility. Security is very important for secure transmission of information in MANETs. Due to the distributed control mechanism and shared medium makes MANET more susceptible to attacks. Security is the major concern in MANETs. The attacks are active and passive. Passive attacks include eaves- dropping and data disclosure. Active attacks include denial of service, Trojans, worms and data modification. There are other more specific problems with mobile ad hoc network such as openness of channels and nodes, black hole and wormhole attacks. The security issues include attacks that may inject erroneous routing information and this will result in diverting transmission path. To avoid these attacks methods such as public and private keys to get a certification authority and use of digital signatures and prior trust relationships. Routing is the communication between two nodes in a network. Routing is the process of forwarding packet towards its destination using most efficient path. Routing efficiency is measured in terms of Number of intermediate nodes, delay, throughput, security, etc. Routing protocols are divided into reactive, proactive and hybrid. Another type of routing is based on position or location of nodes in the network. They are known as position based routing protocols. The routing decision is based on the destination location. The forwarder nodes are selecting based on their geographical location of each node. Security is the major concern in the case of MANETs. Some applications need to hide the communication in between the nodes of that network. Such applications demand a protocol that can hide the node identities and geographical positions as well as their traffic information. The protocols that ensure this type of routing are known as anonymous routing protocols. MANET is an emerging technology and has great application in critical situations like battlefields and disaster managements. The developments of MANETs have stimulated innumerable wireless applications that can be applied in different areas. They are prone to malicious entities that objective to analyze and damage the information and the route by eavesdropping or attacking the routing protocols. Anonymous routing protocols in MANETs are playing a crucial role to offer secure communication. They provide secure data transfer without providing any details about node identities and route for an external entity. Anonymity means identity and location anonymity of source and destination and the route anonymity. Location and identity anonymity of source and destination defines it is difficult for other nodes to attain the exact or real identities and location of sender and receiver. In route anonymity, no node has the information about the forwarder or intermediate nodes in the route. Previous anonymous routing protocols are based on hop-by-hop encryption or redundant traffic. Most of them generate high cost also. These protocols are unable to provide all the source, destination, and route anonymity protection together. Detection and the avoidance of the intersection attack is the one of the problem. Handling of the timing attacks in the network is another problem. If attacker knows the source and the destination of the communication it will try to hack the message send by the source. It is also possible to if the attacker knows the route between the source it is possible to hack the message by analyze the routing pattern through that communication. Contributions in the proposed paper are highlighted as follows The underlying routing protocol is AODV. Changes are made to the routing of AODV to provide anonymity in the network. Random forwarders are carefully chosen based on their distance to the receiver and the data packets are through these forwarder nodes. The nodes are grouped or clustered based on their position and range. The anonymous routing is implemented by the RSA based cryptographic method in cluster based routing. Section II reviews related work on anonymous routing schemes for mobile ad hoc networks. Section III discusses the basic idea of Secured Hierarchical Anonymous Routing Protocol for MANETs (SHARP). Section IV gives the performance evaluation of SHARP. Simulation is used to test the performance of SHARP, and the settings and results of these experiments are in Section IV. Section V concludes the proposed idea with future enhancements. II. RELATED WORK MANETs are emerging field in wireless communication system. They are widely used for variety of applications. Some applications like military needs secure communication. To ensure this anonymity they use anonymous protocols for routing. Anonymity means to maintain the privacy of the entities as well as the routes. Privacy of entities means hiding the identity and position of nodes that are taking part in the communication. Route privacy is any one can t trace out the path. Due to openness and distributed features of MANETs there is no

3 membership constrains. So there are chances for malicious node to enter the system. There are so many anonymous routing protocols at present. But they can t provide all the anonymity together. Most of them are location based. They are using geographical routing protocols (Example - Greedy Perimeter Stateless Routing Protocol) as underline protocol. ALARM, ZAP, SDDR, ALERT are some of the existing anonymous routing protocols. Greedy Perimeter Stateless Routing (GPSR) is a simplified variant of the GFG protocol. Here the node selects the forward node which is closest to the destination. ALARM (Anonymous Location-Aided Routing) requires off-line group manager (GM) that initializes the underlying group signature system that enrolls all authentic nodes as group members. In case of a dispute, the GM is responsible for opening the contested group signature and determining the signer. The GM may also have to handle upcoming joins for new ones as well as cancellation of existing members. Each node broadcast its LAM (Location Announcement Message). Each node that receives a LAM, it verifies group signature. The node broadcasts the message to its neighbors if it is valid signature. After getting the LAM each node maintain a map and connectivity graph. When a node wanted makes a communication it checks whether a node is present in that position. Then it sends message to that destination using its pseudonym. The sending message is encrypted using the public key in its LAM. ARM (Anonymous Routing Protocol for Mobile Ad hoc Networks) hides routes in the network against passive global and local attacks. Nodes inside the network will not be able to determine that whether it receives the message from actual source or from forwarder due to probability padding. It hides the actual path between source and destination in a cloud. This protocol doesn t require any cryptographic operations. Secure dynamic distributed routing algorithm (SDDR) is an anonymous routing protocol with distributed features. Here the source node doesn t require maintaining the information about the entire topology of the network. The sender broad- casts the message to the receiver. The forwarding nodes use cryptographic techniques to encrypt the message using session keys. They insert their identification along with the encrypted message. This message is forwarded to the neighbors until it reaches the destination. The destination node only can decrypt it. When it receives the destination it sends back to the sender by the reverse path. Here each intermediate node performs the encryption procedure. So it is based on multilayered encryption. It ensures the anonymity. In ANODR the route discovery process creates an on- demand route between a sender and receiver. Here route pseudonym is maintained for each hop. The route pseudonym is based on a broadcast with trapdoor. MASK nodes use pseudonyms for routing procedure. Pseudonyms are used as an alternative to their real identification. The pseudonym should not have to be the same for the entire communication. Therefore each node should use dynamically changing pseudonyms. ALERT is another anonymous routing protocol which is zone based. Here the entire network is divided into zones such that sender and receiver are not in the same zone. The routing procedure is based on GPSR protocol. The forwarding node is the neighbor which is very close to the destination. To protect the node identities each node uses the dynamic pseudonyms instead of their original identities. To provide the source anonymity it uses notify and go mechanism. The destination is protected by local broadcast and multicast. There are so many such existing anonymous routing protocols. Some of them are location based. ALARM, ALERT, PRISM are some of the examples. ALERT, ZAP are zone based protocols. ANODR and DASR are based on cryptographic techniques. MASK uses pseudonyms to ensure the anonymity. Most of them can t provide the full anonymity together. ALARM cannot provide the location of sender and receiver, SDDR lacks the route privacy, and ZAP concentrates only on destination privacy. Some existing works does not support route anonymity. Most of them generate high cost. III. PROPOSED SYSTEM MANETs are widely used for different types of applications. Some applications need secure communication. For making the communication secure anonymous routing protocols are used. Anonymity means to maintain the privacy of the entities as well as the routes. There are so many anonymous routing protocols at present. But they can t provide all the anonymity together. This project proposes a Secured Hierarchical Anonymous Routing Protocol for MANETs. SHARP is cluster or group based anonymous routing protocol. Here the nodes in the network are grouped. The grouping is based on range and position of each node. The node and its one hop neighbors are grouped together. That means the nodes with a particular distance are grouped together to form a cluster. Then the routing is established in between the groups. Each group is maintained by a group identifier. The communication is encrypted by RSA method. There are two types of communication with in the system. Inter group communication and intragroup communication. So the nodes with in group can understand which the sender is and which the receiver is. But the nodes outside the group are viewed all these communications in terms of group identifier. So SHARP provides route anonymity, identity and location anonymity of source and destination. Network model Grouping of nodes Encryption and Decryption

4 Routing Scheme Anonymity Performance evaluation with AODV A. Network model MANETs consists group of mobile nodes that can communicate through shared wireless medium. The nodes are mobile that means the can move independently. It will make frequent link breaks. So MANETs lacks of fixed topology for the network. There are no membership criteria for the nodes in this network. So any one can enter or leave the network at any time. So any attacker can enter into the system and can retrieve the data, route, and entity information about a packet transmission. Network model consider the random way point model and the group mobility model. Networks nodes are grouped into Clusters. Therefore, an anonymous communication protocol that can provide untraceability is needed to strictly ensures the anonymity of the sender when the sender communicates with the other nodes. Moreover, a malicious observer may try to block the data packets by compromising the nodes and intercept the packets on a number of nodes. By detecting the data transmission direction it can trace back to the sender. So the route should also be undetectable. Attacker may also try to detect destination through traffic analysis by intersection attack. So the destination node also needs the protection of anonymity. In a communication a source wanted to send some information to destination. Transmission session is the time period that S and D interact with each other continuously until they stop. B. Grouping of nodes In SHARP the nodes entire network is grouped to form clusters. The clustering is based on the position or the coordinates of the nodes. Distance between the nodes and the source is calculated. Based on the distance the nodes are grouped. The nodes that are in the specified distance are forming a cluster. Then the communication is in the name of these clusters or groups. The packet transmission is by the communication between the groups. Inter and intra group communication is by random forwarders and relay nodes. So the communication is multi hop clustering. Each cluster has a specified range. The nodes belonging to that range are determined by the basics of their distance or coordinates. Each cluster maintains a cluster identifier or group identifier. The communication is carried out in this group id. The nodes form a cluster if they belong to particular range or distance. The nodes within the group can communicate with each other. This is known as intra group routing. They are mostly neighbors or one hop nodes. The nodes outside the group are communicated as multi hop fashion. The routing between the groups is known as inter group routing. This is by the means of relay nodes and random forwarders. As the number of clusters increases the anonymity also increases. So in general there is a source group, a destination group and one or more intermediate groups. Figure. 2. Clustering of nodes. C. Encryption and Decryption The packets transmitting through the network needs security and privacy. So the packets are encrypted. The encryption is based on the cryptographic technique RSA. In RSA each packet is encrypted with private and public keys. The data is passed by the sender. The packet undergoes the RSA technique and the data is encrypted using the private and public keys. The encrypted packet is transmitted through the network. When it reaches the destination then that is decrypted by the public and private keys. Only next node information is available to the intermediate nodes even after decryption. Successive layers are peeled off by each node and finally the last intermediate node will get the address of the destination node. But if the whole message is encrypted then even the last node will not be able to identify the destination. This is a modified approach in which the encryption is done only at the group level. Each group sends the data to next group by encrypting the data. So the nodes in the other group can understand only the group identifier. Hence the total time delay does not increase by a large factor. This approach ensures inter group anonymity. Nodes within the group will have an idea about the sender and receiver but outside the group nobody knows the real sender and receiver. This will dynamically generate an unpredictable routing path for a message. D. Routing Scheme SHARP features a dynamic and unpredictable routing path, consists of dynamically determined intermediate relay nodes. Hierarchical anonymous routing protocol based on multi hop clustering. The nodes are grouped on the basis of their transmission range. So there is a good group management with in the system. This enables inter and intra group secure communication. The SHARP allows the anonymous discovery of routes and sends data with

5 dramatically reduced cryptographic computation overhead compared with pure flat routing. SHARP uses multi-hop cluster routing procedure. Here the nodes in the entire network are divided into clusters or groups. The grouping or clustering is based on the transmission range or distance of the nodes. The routing is by inter and intra group communication. SHARP uses hierarchical clustering scheme a and randomly chooses a node in the cluster or group in each step as an intermediate relay node as random forwarder. The source group consists of the sender. It transmits the packets to next random forwarder from that group or next group. The random forwarder in the next group can understand that the packet is from that group. That node can t get the idea of real sender. After passing through the intermediate nodes it finally reaches the destination cluster node. Figure. 3. Routing in SHARP. Then it forwards to exact destination. In the clustering the communication between the clusters are by the name of cluster group identifier. So the real identity of each node inside the cluster is maintained. The communications between the clusters are by the group or cluster identifier. Each group maintained and identifier. So the outside communication hided the real identity of the node by this group identity. This is enabled by the encryption at the group level. E Anonymity Hierarchical anonymous routing protocol scheme contributes to the achievement of anonymity by restricting a node s view only to its neighbors. Lightweight mechanism called grouping or clustering is used to strengthen the anonymity protection of the nodes. Nodes are grouped based on the distance or position of the nodes in the network. Each group has an identifier. The communication in the network is by group identifier. Here encryption is used in the group level. This approach ensures the inter group anonymity. The nodes in the sender group have the idea about the real sender. The nodes in the receiver group also have the idea about the real receiver. The nodes outside the source group don t have any idea about the real sender. They can get only the group identifier. The communication between groups is by means of group identifier. So the overall feel is like that any of these nodes are not sending. This provides anonymity for the sender, reciver and the route. IV. PERFORMANCE EVALUATION WITH AODV Network Simulator 2 (NS2) is the most popular open source network simulators. NS2 is the second version of NS (Network Simulator). It uses is C++ and OTcl as the programming languages. C++ is used to implement the design and OTcl is used to schedule the events. To implement a new routing scheme in MANETs using NS-2 it needs to add a new routing protocol. C++ coding is used to implement routing protocol in NS-2, and the simulations describing scenarios are created by Tcl scripts. To implement an anonymous routing scheme, it needs some encryption technologies. So application layer patches have to be included. So to do that this work uses NS-2.33 versions. In this work the protocol is based on AODV protocol. In this work the sender wants to communicate with the receiver anonymously. That is an external observer can t able to trace out the sender, receiver and the path. So enable it the nodes in the network are grouped based on their position and range. Then application layer patches are added to enable the encryption. The encryption based on the RSA technique is also coded. A. Experimental Settings To simulate the system NS-2 is used. We made the similar scenario using AODV protocol. In this module, a comparison between the proposed system and the existing AODV is made, based on the anonymity, drops, packet delivery ratio, etc. Xgraphs are plotted for these factors for performance evaluation. Drops means no of packets dropped during the transmission. For performance evaluation drops for both AODV and SHARP are calculated. Xgraph are plotted and drops for SHARP are less compared with AODV. PDR is the proportion to the total amount of packets reached the destination and amount of packet sent by source. PDR = Number of packets successfully delivered / Number of packets generated. The Xgraph is plotted for both AODV and SHARP. SHARP has better PDR. Normalized overhead is the overhead that is incurred while transmission of the packet. NOH = Number of packets routed / Number of packets received. The normalized overhead is less for SHARP. End-to-end delay is the time taken for a packet to be transmitted through the network from source to destination. Throughput is the amount of data delivered per unit time. Throughput for AODV and SHARP is also computed. The delay is high for SHARP due to encryption and decryption techniques and therefore the throughput is less also.

6 Figure. 4. PDR comparison routing protocols in MANETs. SHARP provides source, destination and route anonymity. Encryption based inter group routing is established in SHARP. Research has to be continued to make encryption based routing to extend the anonymity of SHARP. The anonymity can be enhanced by encrypting the intra group communication. To improve the security, encryption by other methods better than RSA will also be considered. Due to the dynamic nature of the mobile nodes, their association and disassociation to and from clusters perturb the stability of the network and the problem becomes worse if these nodes are cluster heads. Eventually, the clustering stability in MANET would be significantly affected. So a better clustering scheme can be achieved by electing a cluster head based on residual energy along with the staying time of nodes and the cluster is formed based on the transmission range of the cluster head. This idea about clustering can also be added with future enhancement. Research has to be continued for more theoretical analysis on anonymity and delay, and evaluation on performance and trade-offs under various network scenarios. REFERENCES Figure. 5. Drop Comparison V. CONCLUSION AND FUTURE ENHANCEMENT This project covers the idea about hierarchical anonymous routing scheme. By anonymous routing protocol are crucial in MANETs to provide secure communications by hiding node identities and routes from outside observers. Anonymity in MANETs includes identity and location anonymity of senders and destinations as well as route anonymity. The aim of the project is to make the communication between different nodes anonymous in MANET. By anonymity we mean that intermediate nodes are unaware of the sender and destination. Only the sender will know the receiver and only the receiver will know the sender. Here in this project hierarchical anonymity is implemented by RSA based encryption. In this routing the sender and receiver details is encrypted by the sender. In this approach the encryption is done only at the group level. Hence the total time delay does not increase by a large factor. This approach ensures inter group anonymity. Nodes within the group will have an idea about the sender and receiver but outside the group nobody knows the real sender and receiver. Active research work for MANETs is carrying on mainly in the fields of Medium Access Control (MAC), routing, re- source management, power control, and security. Researchers are looking forward to the importance of [1] Haiying Shen and Lianyu Zhao, ALERT: An Anonymous Location- Based Efficient Routing Protocol in MANETs, Proc. Intl Conf. Parallel Processing (ICPP), [2] A. Pfitzmann, M. Hansen, T. Dresden and U. Kiel, Anonymity, Unlinkability, Unobservability, Pseudonymity, and Identity Management a Consolidated Proposal for Technology, Version 0.31, Technical report, [3] S.Muthuramalingam, M.Sujatha and R.Surya An Enhanced Sectorized Clustering Scheme based on Transmission Range for MANETs, IEEE- International Conference on Recent Trends in Information Technology, June [4] Z. Zhi and Y.K. Choong, Anonymizing Geographic Ad Hoc Routing for Preserving Location Privacy., Proc. Third Intl Workshop Mobile Distributed Computing (ICDCSW), [5] V. Pathak, D. Yao and L. Iftode, Securing Location Aware Services over VANET Using Geographical Secure Path Routing,, Proc. IEEE Intl Conf. Vehicular Electronics and safety (ICVES), [6] K.E. Defrawy and G. Tsudik, ALARM: Anonymous Location- Aided Routing in Suspicious MANETs,, Proc. IEEE Intl Conf. Network Protocols (ICNP), [7] Karim El Defrawy and G. Tsudik, Privacy-Preserving Location-Based On-Demand Routing in MANETs,, IEEE Journal on selected areas in communications, December [8] X. Wu, J. Liu, X. Hong and E. Bertino, Anonymous Geo- Forwarding in MANETs through Location Cloaking,, IEEE Trans. Parallel and Distributed Systems, vol. 19, no. 10, pp , Oct [9] K. El-Khatib, L. Korba, R. Song and G. Yee, Anonymous Secure Routing in Mobile Ad-Hoc Networks,, Proc. Intl Conf. Parallel Processing Workshops (ICPPW), [10] H. Frey and I. Stojmenovic, On delivery guarantees of face and combined greedy-face routing in ad hoc and sensor networks., In Proc. of MobiCom, [11] Hao Yang and Haiyun Luo, Security in mobile ad-hoc networks: challenges and solutions,wireless Communications, IEEE [12] Xiaoqing Li, Hui Li, Jianfeng Ma and Weidong Zhang An Efficient Anonymous Routing Protocol for Mobile Ad Hoc Networks, Fifth International Conference on Information Assurance and Security,2009. [13] Lanjun Dang, Jie Xu and Hui Li, DASR: Distributed Anonymous Secure Routing with Good Scalability for Mobile Ad Hoc Networks., IEEE Asia-Pacific Services Computing Conference,2010.