- Open Access
An effective implementation of security based algorithmic approach in mobile adhoc networks
© Singh et al; licensee Springer 2014
- Received: 2 December 2013
- Accepted: 9 April 2014
- Published: 19 June 2014
Mobile Ad-hoc Networks are one of the prominent areas for researchers and practitioners in assorted domains including security, routing, addressing and many others. A Mobile Ad-hoc Network (MANET) refers to an autonomous group or cluster of mobile users that communicate over relatively bandwidth-constrained wireless links. In a mobile ad hoc network the moving nodes, rather than any fixed infrastructure, act as mobile routers. These mobile routers are responsible for the network mobility. The history of mobile networks began after the invention of 802.11 or WiFi; they are mostly used for connecting among themselves and for connecting to the internet via any fixed infrastructure. Vehicles like cars, buses and trains equipped with routers act as nested Mobile Ad-hoc Networks. Vehicles today contain many embedded devices such as built-in routers and electronic devices like sensors, PDAs and built-in GPS; providing an internet connection to them gives information and infotainment to the users. These advances in MANETs help vehicles communicate with each other: at the time of an emergency like an accident, during climatic changes like snowfall, or at the time of a road block, this information is passed to the nearby vehicles. Nowadays technologies are rising to provide efficiency to MANET users, such as providing enough storage space; as cloud computing is the next-generation computing paradigm, many researchers are conducting experiments on Mobile Ad-hoc Networks to provide cloud services securely. This paper attempts to propose and implement a security-based algorithmic approach in mobile ad hoc networks.
- Network security
- Wormhole attack
- Secured algorithm
Nowadays, a lot of research is going on in the domain of mobile ad hoc networks. One of the major issues in mobile ad hoc networks is performance: in a dynamically varying topology, the nodes are expected to be power-aware because of the bandwidth-constrained network. Another issue in such networks is security: as each node participates equally in the operation of the network, malicious nodes are difficult to identify. There are several applications of mobile ad hoc networks such as disaster management, war field communications, etc. For analysis and detailed investigation of these issues, a scenario-based simulation of the secure protocol is done and compared with classical approaches. The scenarios used for the simulation and predictions depict critical real-world applications including battlefield and rescue operations, but they can be used in many other applications as well.
Wireless ad hoc networks have been an interesting area of research for more than a decade now. What makes ad hoc networks interesting and challenging is their potential use in situations where the infrastructure support to run a normal network does not exist. Some applications include a war zone, an isolated remote area, a disaster zone such as an earthquake-affected area, a virtual classroom, etc.
In ad hoc networks all nodes are responsible for running the network services, meaning that every node also works as a router to forward network packets to their destination. It is very challenging for researchers to provide comprehensive security for ad hoc networks, with the desired quality of service, against all possible threats. Providing security becomes even more challenging when the participating nodes are mostly less powerful mobile devices. In this paper an effort has been made to evaluate the various security designs proposed.
In any classical fixed or wireless network, security is implemented at three stages: prevention, detection and cure. The key parts of the prevention stage include authentication and authorization. Authentication is concerned with authenticating the participating node, the message and any other metadata such as topology state, hop counts etc. Authorization is associated with recognition. Detection is the ability to notice misbehavior carried out by a node in the network, while the ability to take corrective action after noticing misbehavior by a node is termed cure.
Assorted possible attacks on ad hoc networks are eavesdropping, compromising a node, distorting a message, replaying a message, failing to forward a message, jamming signals etc. The central issues behind many of the possible attacks at any security stage are authentication, confidentiality, integrity, non-repudiation, trustworthiness and availability.
• Basically, ad-hoc networks depend upon any fixed infrastructure or any other mobile node to communicate, through forwarding and receiving packets.
• Comparing the security issues of a wireless ad-hoc network with a wired ad-hoc network, the wired network has proper infrastructure for forwarding and receiving packets, whereas the wireless network has no proper infrastructure and is accessible by both authorized users and hackers.
• In a wireless ad-hoc network there is no particular design to monitor traffic and accessibility; this leads to third-party intervention, for example by malicious users.
This manuscript focuses on various issues that affect the security mechanisms of ad-hoc networks and on the pros and cons of mobile network protocols. Enhancing the security and reliability of Mobile Ad-hoc Networks (MANETs) is also addressed.
Much research has been done before to provide security to MANETs, but none of the protocols excels in providing both security and performance. There are many defects in the mobile framework; these may cause unknown nodes to connect frequently without any proper routing. In order to prevent other nodes from trespassing, we concentrate on providing more security to Mobile Ad-hoc Networks.
There are many research areas in MANETs; among them, security is the major concern.
The scope of securing MANETs is as follows:
• Securing MANETs has been a great challenge for many years due to the absence of proper infrastructure and the open nature of the network.
• Previous security measures in MANETs are not effective in a challenging world with advancing technology.
• Many layers are often prone to attacks such as the man-in-the-middle attack or multilayer attacks, so a proposal should concentrate on these layers.
• In this project we concentrate on applying bio-inspired intelligence techniques for securing MANETs.
• The main objective of the manuscript is to provide security to the existing systems, mainly on the network layer, to prevent attacks such as wormhole attacks.
• To analyze the scope of multilayer attacks.
• To analyze the needs of the above-mentioned techniques in different network layers, especially in the multi link layer.
• To propose a unique technique for the above-mentioned attacks.
• An intelligent MANET proposal to deal with all kinds of attacks.
• To validate the above techniques by implementing them and analyzing the results against the existing systems.
• It provides a relative study of the systems under the parameters packet loss, packet delivery rate and network connectivity.
• A better understanding of the Quality of Service (QoS) parameters can be obtained, and they can be used for solving various networking complexities.
The minimum requirements needed to perform operations are
• Intel Pentium Processor at 2 GHz or Higher
• RAM 256 MB or more
• Hard disk capacity 10 GB or more
The software required to perform the implementation are
• Linux Operating System (Ubuntu, Fedora)
• NS2, NAM tools
• GNU Plot
A malicious node is one which causes attacks on various layers of a MANET, such as the application layer, data link layer, physical layer and network layer.
There are two types of attacks on MANETs:
• Active attacks
• Passive attacks
In an active attack, some harmful information is injected into the network, which causes malfunctioning of the other nodes or of network operation. To inject this harmful information, it consumes some energy from other nodes; those nodes are called malicious nodes.
In a passive attack, the malicious nodes refuse to perform their task for reasons such as saving energy for their own use or moving randomly, thereby diminishing the performance of the network.
Network layer attack
Let us concentrate on various attacks on the network layer.
A wormhole attack is also known as a tunnelling attack. In this attack, colluding attackers build a tunnel between two nodes for forwarding packets, claiming to provide the shortest path between the nodes and taking full control of the nodes; the tunnel is invisible at the higher layers.
In previous techniques, the wormhole attack is prevented using the Location based Geo and Forwarding (LGF) Routing Protocol.
There are several steps in implementing the LGF routing protocol. Consider a source node S that wants to communicate with a destination node D (Figure 2).
• The source node multicasts the RREQ message, which contains the IP address of the destination node, to all the intermediate nodes based on the distance of the destination node.
• This protocol is tested with source node 100 M away from the destination node and the intermediate nodes as
DIST (S, 1) = 40 M
DIST (S, 2) = 53 M
DIST (S, 5) = 48 M
DIST (1, 3) = 60 M
DIST (2, 3) = 130 M
DIST (3, D) = 180 M
DIST (4, 6) = 45 M
DIST (S, 4) = 62 M
DIST (5, 6) = 85 M
DIST (6, D) = 78 M
• Compare the distance between source and destination using the following code:
    If (intermediate node distance < distance from source node S to destination node D)
        The node lies between S and D and can conditionally transfer the RREQ packet to D.
    Else
        The intermediate node is out of the transmission area, so send an RREQ error message to the S node.
• Once the RREQ has been received at the destination node, the D node starts sending the RREP packet towards the intermediate nodes to reach the source node.
• The S node receives RREP packets from different intermediate nodes and compares the distances from the different intermediate nodes.
However, the prevention of the wormhole attack with this LGF protocol was not clearly solved.
The black hole attack is a serious problem for MANETs. In this attack, a malicious node uses the routing protocol to report itself as providing the shortest path.
In a flooding-based protocol, a fake route is created by the malicious node rather than the actual node, which results in loss of packets as well as denial of service (DoS).
Two tier secure AODV (TTSAODV)
During route discovery mechanism and
During data transfer mechanism
In this technique, a black hole attack is easily identified by either of these two mechanisms, even if it fails in one of them. The major drawback of this technique is that it causes enormous packet loss and delay in transferring packets.
In the resource consumption attack, a malicious node tries to consume more battery life by demanding too much route discovery, or by passing unwanted packets to the source node.
In the location disclosure attack, the malicious node collects route map information and then focuses on further attacks. This is one of the unsolved security attacks against MANETs.
There are different types of multilayer attacks in MANETs; they are as follows:
• Denial of Service (DoS)
• SYN flooding
• Man In Middle attacks
• Impersonation attacks
The proposed algorithm prevents wormhole attacks by routing the data through authorized nodes, namely the Leader Node (LN) and Access Node (AN); communication takes place only in this way.
Since every connection between nodes is possible only through a Leader Node and an Access Node, it is impossible for a malicious node to make a tunnel from the source node.
The Leader Node manages the routing table and the details of all the nodes in its group, including whether a particular node is an Access Node or a normal node. The Leader Node also maintains details about the Leader Nodes of other groups and their addresses, with the help of its Access Nodes.
A normal node in a group maintains a table that contains its Leader Node's address and the common identifier generated by the Leader Node. The Access Nodes have a table that maintains the common identifiers of the other Leader Nodes.
The address of each Leader Node that has already been involved in routing is stored in every packet; it is used for verification by other Leader Nodes.
When a source node needs a route to deliver packets to the destination node, it sends a Route Request message to the Leader Node; the Leader Node uses its common identifier to verify the packet with alphanumeric values.
The Leader Node checks whether the destination node is in house. If the destination node is present under the Leader Node, it sends the packet directly. If the destination node is not in house, it sends the Route Request message to all its Access Nodes; the Access Nodes use their common identifier to verify the alphanumeric values from the Leader Node and then transfer the packet to the neighbouring Access Node.
The neighbouring Access Node checks whether the packet came from its neighbour's Leader Node or from a malicious node, using the common identifier that was previously exchanged, and then sends the Route Request message to its own Leader Node. This Leader Node verifies the Leader Node details, includes its own details in the packet and forwards the original packet until it reaches the destination.
Finally, the destination node checks whether the packet came from its Leader Node or from a malicious node using the identifier; after the verification process is over, it accepts the packet.
The destination node sends the Reply Request message (RREP) to the source node through the same route already followed for transferring the packet.
If any node involved in the routing moves away from one group into another group, the previous process is not needed as the node is already registered in that network; some other node in that group replaces the previous node.
If the source node or destination node moves away from its group, the foreign Access Node acts as a relay node for forwarding packets; this minimizes the time for authenticating in the newer group.
Worm-hole attack prevention using alpha numeric reflex routing algorithm
In this technique, there is no possibility for a malicious node to make a tunnel between the source and destination nodes, as it is not included in any of the groups. The packets reach the destination node safely and efficiently.
Pseudocode for alpha numeric reflex routing algorithm
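The Leader Node and Access Node checks described above, as an added Python example; it is not the authors' pseudocode, which did not survive on this page. It assumes the "alpha numeric" verification is an HMAC-SHA256 tag keyed by the group's common identifier (the paper does not specify the check); `Group`, `admit`, `route` and `rreq` are hypothetical names and the two-group topology is constructed.

```python
import hashlib
import hmac
import secrets
import string

ALPHANUM = string.ascii_letters + string.digits

def tag(identifier, pkt):
    """Assumed check: HMAC over the routing fields, keyed by the common identifier."""
    msg = "|".join([pkt["src"], pkt["dst"], *pkt["leaders"]]).encode()
    return hmac.new(identifier.encode(), msg, hashlib.sha256).hexdigest()

def verify(identifier, pkt):
    return identifier is not None and hmac.compare_digest(pkt["tag"], tag(identifier, pkt))

class Group:
    def __init__(self, leader, members):
        self.leader = leader
        self.members = set(members)
        # Common identifier generated by the Leader Node for its own group.
        self.identifier = "".join(secrets.choice(ALPHANUM) for _ in range(16))
        self.peer_ids = {}  # Access Node table: neighbour leader -> its identifier

    def exchange(self, other):
        """Access Nodes of two neighbouring groups swap their leaders' identifiers."""
        self.peer_ids[other.leader] = other.identifier
        other.peer_ids[self.leader] = self.identifier

    def admit(self, pkt):
        """Check an incoming RREQ, then record this leader's address in it."""
        if pkt["leaders"]:  # arrived through an Access Node from a neighbour group
            ok = verify(self.peer_ids.get(pkt["leaders"][-1]), pkt)
        else:               # arrived from a node claiming to be in this group
            ok = pkt["src"] in self.members and verify(self.identifier, pkt)
        if ok:
            pkt["leaders"].append(self.leader)
            pkt["tag"] = tag(self.identifier, pkt)
        return ok

def route(chain, pkt):
    """Walk an RREQ along a chain of neighbouring groups; True if it is delivered."""
    for group in chain:
        if not group.admit(pkt):
            return False
        if pkt["dst"] in group.members:
            # The destination checks the packet against its own leader's identifier.
            return verify(group.identifier, pkt)
    return False

def rreq(src, dst, identifier, leaders=()):
    """Build a Route Request tagged with the identifier the sender holds."""
    pkt = {"src": src, "dst": dst, "leaders": list(leaders), "tag": ""}
    pkt["tag"] = tag(identifier, pkt)
    return pkt

# Constructed topology: source S in group 1, destination D in group 2.
g1, g2 = Group("LN1", {"S", "n1"}), Group("LN2", {"D", "n2"})
g1.exchange(g2)
```

A request injected at the second group that claims to have passed `LN1` fails at `admit`, because its tag was not produced with the identifier the Access Nodes exchanged.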
Proposed algorithm to prevent black hole attack
In this proposed algorithm, the Expected broadcast count algorithm is introduced. With the help of this algorithm the highest throughput is possible between the nodes; however, the actual algorithm does not prevent the black hole attack.
Throughput refers to the average number of messages transmitted in a given time; it is usually measured in bps (bits per second), and it is also referred to as packet delivery ratio. Malicious nodes play a major role in affecting throughput in black hole attacks.
A secure mesh network measurement technique is proposed in this project to prevent black hole attacks during the route discovery process between the source and destination nodes with the help of throughput measurement values; this makes the routing process more consistent and the communication between the nodes more efficient.
Expected broadcast count algorithm
The EBX algorithm is used to increase throughput in MANETs; EBX is the expected number of packet transmissions and retransmissions required to successfully deliver a packet in the network.
It is calculated using the delivery ratio of packets at the destination node, $d_d$, and the delivery ratio of packets at the source node, $d_s$; $d_d$ is the probability of forward packet transmission and $d_s$ that of reverse packet transmission.
The $d_s$ and $d_d$ values are calculated from acknowledgement packets known as queries; nodes commonly exchange query messages with their neighbours after delivering each packet.
Consider a link A → B, where A and B are nodes. These two nodes arrange to send query messages for a particular time gap period g/τ, where τ = jitter (packet delay variation).
Where count (t − g, t) is the number of queries commenced by node B and received by node A.
This equation is used to find the EBX value for more routes. The EBX value grows with more hops, and routes with a larger number of hops may have lower throughput due to the intrusion among hops in the same path.
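The delivery-ratio and EBX calculation described above, as an added Python example (not the authors' code). The equations did not survive on this page, so the code assumes the standard expected-transmission-count form: a delivery ratio of count(t − g, t) divided by the g/τ queries expected in the window, a link EBX of 1/(d_s × d_d), and a route EBX equal to the sum of its link values; the function names, timestamps and ratios are constructed.

```python
import math

def delivery_ratio(rx_times, t, g, tau):
    """count(t - g, t) divided by the g/tau queries expected in the window."""
    received = sum(1 for x in rx_times if t - g < x <= t)
    return min(received / (g / tau), 1.0)

def link_ebx(d_s, d_d):
    """Expected transmissions for one link; infinite if either direction is dead."""
    if d_s <= 0 or d_d <= 0:
        return math.inf
    return 1.0 / (d_s * d_d)

def route_ebx(links):
    """Assumed route metric: sum of the per-link EBX values."""
    return sum(link_ebx(d_s, d_d) for d_s, d_d in links)

def pick_route(routes):
    """Return the name of the usable route with the lowest EBX, or None."""
    scored = {name: route_ebx(links) for name, links in routes.items()}
    usable = {name: v for name, v in scored.items() if math.isfinite(v)}
    return min(usable, key=usable.get) if usable else None

# Constructed sample: one query per tau = 1 s, window g = 10 s, evaluated at t = 10 s.
T, G, TAU = 10.0, 10.0, 1.0
heard_by_a = [1, 2, 3, 5, 6, 7, 8, 10]        # A missed B's queries at 4 s and 9 s
heard_by_b = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10]  # B heard every query from A
d_d = delivery_ratio(heard_by_b, T, G, TAU)   # forward direction, A -> B
d_s = delivery_ratio(heard_by_a, T, G, TAU)   # reverse direction, B -> A

routes = {
    # Two honest hops, each link given as (d_s, d_d).
    "via_n1_n2": [(d_s, d_d), (0.9, 0.9)],
    # Constructed measurement for a node that advertises a one-hop route but
    # delivers nothing: forward delivery ratio 0, so the route is unusable.
    "via_blackhole": [(1.0, 0.0)],
}
```

Ranking routes by measured delivery rather than by the advertised hop count is what keeps the shorter route through the non-forwarding node from being selected.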
[Table: Packet loss comparisons. Columns: Time (in seconds); Packet drop (in bits) for Existing system 1, Existing system 2, Proposed system 1, Proposed system 2 and Proposed system 3.]
In this intelligent approach, the nodes connected to the network are monitored by a server agent; the server agent manages the details of the mobile nodes in the network, such as
• Behaviour of the node
• Speed of the node
• Direction of the node
• Position of the node
Nodes participating in the network to access a service such as the internet register their identity with the server agent; the server agent replies to the requesting node with a unique ID.
The source node requests a route to the destination node from the current access point; the current access point forwards the route request to the server agent.
The server agent verifies the source ID, accepts the route request from the sender and then gathers the receiver's information from the list using the destination ID.
The server agent then broadcasts the route request message using the destination ID; the registered adjacent nodes that are nearer to the destination node and are ready to provide the service reply to the server agent with an acknowledgement message.
The server agent chooses the adjacent node with the longest lifetime (the ability of the node to stay connected with the destination node) using the details collected from the ID, such as the node's position, direction of motion and speed.
The server agent then provides a route reply message to the source node; after this authentication process, the source node starts sending data packets in a secure way.
If any node moves away from the network, the server agent immediately replaces it with another node to maintain the continuity of the connection.
In this technique, malicious or selfish nodes are completely eliminated from the network, as the server agent takes full control of the ad-hoc network.
Mobile ad hoc networks have been facing vulnerability and security issues for a long time. Assorted protocols and algorithmic approaches have been developed and implemented so far to avoid and remove the associated issues. In this manuscript, we have implemented an empirical and effective approach to optimize the packet loss frequency. The algorithmic approach is implemented in the network simulator ns2 to execute the scenarios and results.
This article is published under license to BioMed Central Ltd. This is an Open Access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/2.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly credited.