93

CHAPTER 3

SRT-SECURE ROUTING USING TRUST LEVELS IN

MANETs

3.1 INTRODUCTION

Many protocols have been designed and implemented to provide

secure routing and data transfer, which ultimately results in too much

overhead and routing load in the network. Keeping this in view, the SRT

algorithm is proposed and implemented to eliminate unwanted computational

and processing overheads that degrade the network. The SRT provides a good

packet delivery ratio by choosing highly secure nodes, based on trust to

establish an authenticated route, thereby enabling secure data transfer.

The rest of the chapter is organized as follows. In section 3.2 an

overview of secure routing, using the Trust level scheme is presented;

Section 3.3 elaborates the improved secure routing scheme, using the trust

level concept; section 3.4 presents the performance evaluation, based on the

security analysis, packet delivery ratio, end to end delay, throughput, trust

compromise and routing load, and section 3.5 gives the summary.

3.2 OVERVIEW OF SRT SCHEME

In this scheme, the nodes in the network are made to fall into one of

the three lists; the Ally list, Associate list and Acquaintance list, based on the

degree of trust. The trust calculation process involves the grouping of the

94

nodes in the network, based on the parameter called the Trust rate (Trate).

Based on the level of the security needed for the data, the nodes in a specific

security level are made active for routing, depending on their trust value. This

scheme does not use any key management technique. Trust is compromised,

only if secure neighbors are not available. In this case, the route is established

by choosing the nodes in the next lower level. Simulation results show that

the proposed SRT has a better performance than the NTP and AODV, in

terms of the packet delivery ratio and end-to-end delay, both in the absence

and presence of the black hole attack. Trust compromise for the proposed

scheme also shows better results, when compared to the NTP and AODV.

3.3 SECURE ROUTING USING TRUST LEVEL SCHEME

The basic idea behind the NTP based routing is to assess the

stability of neighbors by initiating the beacons, and computing the NTP

matrix. As the NTP is not a secure routing protocol, a new algorithm is

proposed and implemented in the NTP protocol, so that the routing is

performed in a secure manner. After the first flooding of the beacons, the Trate

for each node is calculated based on the Equation (3.1).

Trate = (r-t)/r (3.1)

where, r – Number of beacons received

t – Number of beacons transmitted

The Trate values are used to classify the nodes into the three lists, the

ally list (highly secure information), associate list and acquaintance list. The

nodes are arranged in the descending order of the trust rate and the first one

third of the nodes fall in level 2, the next one third fall in level 1 and the

remaining in level 0. This process is repeated for each flooding.

95

Ally list (Level 2): The nodes in the ally list are chosen to send

highly secure information. This is useful in real time scenarios like online

banking.

Associate list (Level 1): The nodes in the associate list are chosen to

send information which requires moderate security, e.g. chat messages.

Acquaintance list (Level 0): The nodes in the acquaintance list are

chosen to send information which does not require any security, e.g.

advertisements.

A field called “level” is included in the neighbor table. If a node

has packets to send, it checks whether the destination is present in the

neighbor table. If so, it starts transmitting the packets. Otherwise, a search

packet is sent to the best neighbor of the node, which is in the same level. If

the neighbor is not found in the same level, trust is compromised by choosing

the best neighbor in the next lower level. If the destination address is found in

the neighbor table of the node receiving the search packet, then the searching

process is terminated. Otherwise, the packet is forwarded to the best neighbor

of that intermediate node. This node is entered as the next hop for the

particular destination in the route table, and the time is also recorded.

As the Trate values are calculated and the nodes are grouped after

each flooding, the malicious node (black hole attack) will be pushed to the

lower level. Thus, the malicious node is removed from the path.

3.3.1 Trust Compromise

Trust compromise is based on the number of nodes in the lower

levels when compared to that of the level of the source. When the source is in

the Ally list, the trust compromise will be the sum of the number of nodes in

96

the associate list, and twice the number of nodes in the acquaintance list, as

given in Equation (3.2).

Trust compromise = n (associate) + 2*n (acquaintance) (3.2)

where, n (associate): Number of nodes in the associate list

n (acquaintance): Number of nodes in the acquaintance list

2: Twice the number of nodes when considered from the

acquaintance list, trust compromise is less in SRT.

Figure 3.1 Intermediate Nodes in Level 2

All the intermediate nodes in level 2 are assumed as scenario 1,

which is shown in Figure 3.1. When the source and the destination are in level

2, and if all the intermediate nodes are also in level 2, the trust compromise is

quite less. This is because, all the nodes in the route have a high trust rate, and

forward the control packets better than the nodes in the other levels.

97

Figure 3.2 Intermediate Nodes in Level 1 or Level 0

One or more intermediate nodes in level 1 or level 0 are assumed as

scenario 2, which is shown in Figure 3.2. When the source is in level 2 (Ally

list) and the destination is in level 1 (Associate list) or level 0 (Acquaintance

list), the trust compromise increases. This is because; the intermediate nodes

have a lesser trust rate due to their presence in level 1 or level 0. If the best

neighbor is not in level 2, the trust compromise increases.

3.4 SIMULATION ENVIRONMENT

To analyze the security in routing and to measure the level of

compromise, the black hole attack is introduced in both the AODV and NTP.

The analysis is used to detect and eliminate the black hole attack, using the

proposed algorithm SRT which is shown in Figure 3.3 as flow chart. The following performance metrics are simulated in the AODV and NTP protocols.

1. Throughput

2. Packet Delivery Ratio

3. End to End delay

98

No

Source initiates beacons and repeats n times

Receiving neighbors reinitiate beacons

Each node receives more than One beacon packets

Search packet is sent to the best neighbor of the node which is in

the same level

Trust rate is calculated using the formula Trate = (r-t)/r

Trust is compromised by choosing a neighbor in the immediate lower level.Trust compromise = n (associate) + 2* n (acquaintance).

Secure route is established

Start

Is neighbor found in the same level?

Yes

Figure 3.3 Flow of Control in the Proposed Algorithm

99

The GloMoSim tool [GLOMOSIM Tutorial] is used to evaluate the

performance metrics. The simulated network consists of 40 nodes in a terrain

consists of 1700m X1700m. Nodes are placed randomly throughout the

terrain, and simulation is allowed to run for 1200s.

The results are simulated for 100 packets as shown in Table 3.1.

Table 3.1 Simulation Parameters

Simulation time 20 minutes Terrain area 1700 x 1700m2

Number of Nodes 40Node placement strategy Random Propagation Model Two-Ray Model Transmission range of each node 250m Mobility Model Random way point Radio type Accumulated Noise Model Network Protocol IP MAC protocols IEEE 802.11 DCF Routing Protocols NTP, AODV

3.4.1 Simulation Performance Metrics in the Absence of Black Hole

Attack

3.4.1.1 Packet delivery ratio

This is the fraction of the data packets generated by the CBR

sources that are delivered to the destination. This evaluates the ability of the

protocol to discover routes.

100

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 150.86

0.88

0.9

0.92

0.94

0.96

0.98

1

Packet delivery ratio vs Mobility(m/s)

Mobility(m/s)

SRTNTPAODV

Figure 3.4 Packet Delivery Ratio Vs Mobility (m/s) (Absence of Black

Hole Attack)

Figure 3.4 shows the plot between the node mobility and packet

delivery ratio for the SRT, NTP and AODV. The packet delivery ratio of the

proposed algorithm SRT is 1.1% greater than that of NTP and 1.33% greater

than that of AODV even at higher mobility, in the absence of malicious

nodes. The SRT has only nodes which are in level 2 in the route, and hence,

the Packet delivery Ratio (PDR) is greater.

3.4.1.2 Average end-to-end delay

This is the average delay between the sending of the data packet by

the CBR source and its receipt at the corresponding CBR receiver. This

includes all the delays caused during route acquisition, buffering and

processing at intermediate nodes.

101

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 150

5

10

15

20

25

30

35

40

45End-to-end delay (ms) vs Mobility(m/s)

Mobility(m/s)

SRTNTPAODV

Figure 3.5 End-to-End Delay (ms) Vs Mobility (m/s) (Absence of Black

Hole Attack)

Figure 3.5 is plotted between the node mobility and end-to-end

delay for SRT, NTP and AODV. At higher mobility, the SRT has 15.7%

lesser end-to-end delay than the NTP, as routing is restricted to the nodes

which fall under a particular trust level, whereas the end-to-end delay of the

SRT is 38% greater than that of AODV.

3.4.1.3 Trust compromise

Trust compromise indicates the number of lower level nodes in the

secure route. The proposed SRT algorithm selects the route such that the trust

compromise is the least in all the cases. There is a compromise between

message security (trust compromise) and end-to-end delay, which is generally

the case with most of the security algorithms. Figure 3.6 shows that in the

absence of an attack, the proposed SRT algorithm has a lesser trust

compromise when compared to the AODV and NTP.

102

10 15 20 25 30 35 40 45 500

3

6

9

12

15

18

21Trust compromise vs Number of nodes

Number of nodes

SRTNTPAODV

Figure 3.6 Trust Compromise Vs Number of Nodes (Absence of Black Hole Attack)

3.4.2 Simulation Performance Metrics in the Presence of a Black Hole Attack

Performance metrics are discussed in the presence of black hole attack.

3.4.2.1 Packet delivery ratio

Figures 3.7 and 3.8 shows the comparison of NTP, SRT, and

AODV for the packet delivery ratio metric, for nodes moving at speeds of 0-20m/s for 100 packets and 500 packets respectively. As the mobility increases, the packet delivery ratio decreases. The SRT algorithm detects the malicious nodes in the network and eliminates them. A new path is chosen to route the

packets, through nodes with a higher trust level. Hence, the packet delivery ratio of the SRT is greater when compared to that of the AODV and NTP.

The packet delivery ratio of the AODV and NTP falls drastically at higher mobility. The Packet delivery ratio of the SRT is 48% greater than that of the AODV and 22.6% greater than that of the NTP in the presence of an attack.

103

0 2 4 6 8 10 12 14 16 18 200.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1Packet delivery ratio vs Mobility(m/s)

Mobility(m/s)

SRTNTPAODV

Figure 3.7 Packet Delivery Ratio Vs Mobility (m/s) (Presence of Black Hole Attack-100 packets)

Figure 3.8 Packet Delivery Ratio Vs Mobility (m/s) (Presence of Black Hole Attack-500 packets)

104

3.4.2.2 Average end-to-end delay

Figures 3.9 and 3.10 shows the comparison of NTP, SRT and

AODV for the end-to-end delay metric for nodes moving at speeds of 0-20

m/s for 100 packets and 500 packets respectively. Delay increases with an

increase in the node speed in the SRT and NTP, whereas the delay remains

almost constant in the AODV. It is seen that the end-to-end delay in the SRT

is 47% greater than that of the AODV, because the time taken to detect the

malicious node, and to find a new route using the trust rate, is more in the

SRT.

0 2 4 6 8 10 12 14 16 18 200

1

2

3

4

5

6

7

8

9

10 x 104 End-to-end delay(ms) vs Mobility(m/s)

Mobility(m/s)

SRTNTPAODV

Figure 3.9 End-to-End Delay (s) Vs Mobility (m/s) (Presence of Black

Hole Attack-100 packets)

105

Figure 3.10 End-to-End delay (ms) Vs Mobility (m/s) (Presence of Black Hole Attack-500 packets)

3.4.2.3 Throughput

Throughput is calculated as the ratio of the output in bits to the

difference in time, between the first packet sent and the last packet received.

Figures 3.11 and 3.12 shows the comparison of NTP, SRT and AODV for

throughput metric for the nodes moving at speeds of 0-20 m/s for 100 packets

and 500 packets respectively. The throughput of the proposed algorithm,

SRT, is better than that of the AODV and NTP with attack because the

number of packets reaching the destination is higher in the SRT, as the

intermediate nodes chosen to route the packets are in the highest trust level.

For the SRT, it can be observed that even with increasing mobility, the

variations in throughput are less. The throughput performance of the SRT is

29.4% greater than that of the AODV and 56.1% greater than that of the NTP.

106

0 2 4 6 8 10 12 14 16 18 200

2000

4000

6000

8000

10000

12000Throughput (bps) vs Mobility(m/s)

Mobility(m/s)

SRTNTPAODV

Figure 3.11 Throughput (b/s) Vs Mobility (m/s) (Presence of Black Hole Attack-100 packets)

Figure 3.12 Throughput (b/s) Vs Mobility (m/s) (Presence of Black Hole Attack-500 packets)

107

3.4.2.4 Trust compromise

Figure 3.13 shows the trust compromise for SRT, NTP and

AODV. It is observed that the trust compromise is much less for the SRT

when compared with the NTP and AODV, even after the detection and

elimination of the attack. This is because, all the nodes in the route have a

high trust rate, and forward the control packets better than the nodes in the

other levels.

10 15 20 25 30 35 40 45 500

3

6

9

12

15

18

20Trust compromise vs Number of nodes

Number of nodes

SRTNTPAODV

Figure 3.13 Trust Compromise Vs Number of Nodes (Presence of Black

Hole Attack)

3.4.3 Comparison of the Performance Metrics after the Detection

and Elimination of Attack in ARAN and SRT

In this section, the performance of the proposed SRT algorithm is

compared with the well known secure protocol, ARAN (Sanzgiri et al 2002).

108

ARAN detects and protects the network from malicious actions by third

parties and peers in one particular ad hoc environment. ARAN introduces

authentication, message integrity and non-repudiation to an ad hoc

environment, as part of a minimal security policy. The ARAN protocol is

compared with the SRT in terms of the packet delivery ratio, routing load and

path length. It is shown that the packet delivery ratio of ARAN is slightly

greater than that of SRT. But, the path length and routing load is lesser in the

SRT than in ARAN.

Evaluations were done using GloMoSim. Simulation was done with

the field configurations of 20 nodes distributed over a 670m x 670m terrain.

The initial positions of the nodes were random. Node mobility was simulated

according to the random waypoint mobility model, in which each node travels

to a randomly selected location at a configured speed. The node transmission

range was 250 m. Simulations were run for constant node speeds of 0 to

10 m/s, with a pause time fixed as 30 seconds. In each session 1000 data

packets of 512 bytes, were generated at the rate of 4 packets per second. Table

3.2 shows the simulation parameters for 100 packets.

Table 3.2 Simulation Parameters

Simulation time 20 minutes

Terrain area 670 x 670 m2

Number of Nodes 20

Node placement strategy Random

Propagation Model Free-Space Model

Transmission range of each node 250m

Mobility Model Random way point

Network Protocol IP

Routing Protocols SRT, ARAN

109

3.4.3.1 Packet delivery ratio

The packet delivery ratio metric is important because data packets

passing through malicious nodes are overheard, and could potentially be

modified or dropped (Sanzgiri et al 2002). From Figure 3.14 it is observed,

that the packets dropped due to the attack are lesser in ARAN than in SRT,

because ARAN provides authentication and non-repudiation services, using

pre-determined cryptographic certificates that guarantee end-to-end

authentication. The packet delivery ratio is almost equal for both the SRT and

ARAN.

1 2 3 4 5 6 7 8 9 100.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1Packet delivery ratio vs Mobility(m/s)

Mobility(m/s)

SRTARAN

Figure 3.14 Packet Delivery Ratio Vs Mobility (m/s) (For SRT and

ARAN)

110

3.4.3.2 Average routing load

Simulations show that ARAN has a higher overall routing load and

latency in route discovery, because of the cryptographic computation

(Sanzgiri et al 2002). In SRT the routing load is 55.2% lesser when compared

with ARAN, as shown in Figure 3.15. This is because the SRT does not use

any cryptographic computation, but uses trust levels for secure routing. This

shows that the SRT has a better performance in terms of routing load.

0 2 4 6 8 100

0.05

0.1

0.15

0.2

0.25

0.3

0.35

0.4Average routing load vs Mobility(m/s)

Mobility(m/s)

SRTARAN

Figure 3.15 Average Routing Load Vs Mobility (m/s) (For SRT and

ARAN)

111

3.4.3.3 Average path length

Figure 3.16 Average Path Length Vs Mobility (m/s) (For SRT and

ARAN)

Figure 3.16 shows that the average path length for the SRT is

greater than that of the ARAN protocol, because routing in SRT is performed

by choosing the nearest neighbor based on the maximum power level, and not

the shortest path as is done in ARAN.

3.4.4 Comparison of the Performance Metrics after the Detection

and Elimination of Attack in SAODV and SRT

Secure Ad hoc On-demand Distance Vector (SAODV) routing

protocol (Mawloud Omar, 2012) (Tamilselvan et al, 2007) detects and

protects against malicious actions. SAODV protocol is compared with SRT in

0 2 4 6 8 100

0.5

1

1.5

2

2.5

3

3.5

4

4.5

5Average path length Vs Mobility (m/s)

Mobility (m/s)

SRTARAN

Ave

rage

path

leng

th(N

umbe

rof

hops

)

112

terms of end-to-end delay and routing overhead. It is shown that the end-to-

end delay of SRT is lesser than SAODV, where as the routing load of SRT

and SAODV are comparable.

When the source wants to transmit to the destination, it first

transmits the route request packet to all the neighboring nodes. The malicious

node does not transmit the data packets to the destination node, but it

intercepts/collects the data from the source node. So, it replies to the source

for the request sent. The source, instead of transmitting the data packets

immediately through the malicious node, it waits for the reply from the other

nodes. After some time it receives the characteristic replies from its

neighbors. According to SAODV solution, it first checks the path that

contains repeated next hop node to the destination. If there is no repeated

node, random path is selected and the data is transmitted through that path.

The timer expiration event is triggered if the timer that is set for collecting the

route replies for a particular route discovery is expired. SAODV is an

enhancement of the existing protocol AODV.

The evaluations were performed using the GloMoSim. Simulation

was done with the field configurations of 25 nodes distributed over an 800m x

800m terrain. The initial positions of the nodes were random with a pause

time of 30s and an inter departure time of 1s. Node mobility was simulated

according to the random waypoint mobility model, in which each node travels

to a randomly selected location at a configured speed. Node transmission

range was 250m. Simulations were run for constant node speeds of 0 to

10 m/s, with pause time fixed at 30 seconds. Each session generated 300 data

packets of 512 bytes each at the rate of 4 packets per second. Table 3.3 shows

the simulation parameters for 100 packets.

113

Table 3.3 Simulation Parameters

Simulation time 5 minutes Terrain area 800 x 800 m2

Number of Nodes 25Node placement strategy Random Propagation Model Two Ray Model Transmission range of each node 250mMobility Model Random way point Network Protocol IP Routing Protocols SRT, SAODV

3.4.4.1 Average end-to-end delay

Figure 3.17 shows the comparison of SRT and SAODV for the end-

to-end delay metric for nodes moving with speeds of 0-50m/s.

0 10 20 30 40 500

0.01

0.02

0.03

0.04

0.05

0.06

0.07

0.08

0.09

0.1End-to-end delay (ms) vs Mobility(m/s)

Mobility(m/s)

SRTSAODV

Figure 3.17 End-to-End Delay (ms) Vs Mobility (m/s) (For SRT and SAODV)

114

Delay increases with increase in node speed in SRT and SAODV. It

is seen that the end-to-end delay in SRT is 22.2% lesser than ARAN because

the time taken to find a new route using the trust rate is lesser in SRT.

3.4.4.2 Routing overhead with number of transactions

To evaluate the routing overhead, simulation is done with 25 nodes

and 8 CBR applications. The number of transaction indicates number of flows

initiated during a particular duration of time from same or different sources to

same or different destinations within the considered network.

Figure 3.18 shows the comparison of SRT and SAODV for routing

overhead metric for nodes moving with speeds of 0-50m/s. Routing overhead

increases with increase in the no. of transactions in SRT and SAODV. It is

seen that the routing overhead in SRT is 18.6% lesser than ARAN because the

nodes chosen for routing is less.

1 1.5 2 2.5 3 3.5 4 4.5 50.02

0.04

0.06

0.08

0.1

0.12

0.14

0.16

0.18

0.2Routing overhead vs Number of transactions

Number of transactions

SAODVSRT

Figure 3.18 Routing Overhead Vs Number of Transactions (For SRT

and SAODV)

115

3.4.5 Comparison of NTP and AODV with SRT

The Tables 3.4 and 3.5 describes the comparison of the results of

NTP protocol and AODV with the proposed algorithm SRT implemented in

NTP both in the absence and presence of Black hole attack.

3.4.5.1 In the absence of black hole attack

In the Table 3.4 shown below, the metrics such as packet delivery

ratio, end to end delay and trust compromise are summarized for NTP and

AODV in comparison with SRT. It is concluded from the simulation analysis

that the packet delivery ratio and trust compromise for NTP and AODV are

lesser than the proposed algorithm SRT. End to end delay for SRT is lesser

than NTP and greater than AODV.

Table 3.4 Comparison of NTP and AODV with SRT

Protocol / Parameter NTP AODV

Packet delivery ratio <1.1% <1.33%

End-to-end delay >15.7% <38%

Trust compromise <48.4% <64.6%

3.4.5.2 In the presence of black hole attack

In the Table 3.5, the metrics such as packet delivery ratio, end to

end delay, throughput and trust compromise are summarized for NTP and

AODV in comparison with SRT in the presence of black hole attack. The

result shows that SRT performs much better than NTP and AODV.

116

Table 3.5 Comparison of NTP and AODV with SRT

Protocol / Parameter NTP AODV

Packet delivery ratio <22.6% <48%

End-to-end delay >46% <47%

Throughput <56.1% <29.4%

Trust compromise <52.5% <78%

3.4.6 Comparison of ARAN and SAODV with SRT

The Table 3.6 describes the comparison of the results of ARAN and

SAODV protocols with the proposed SRT algorithm implemented in NTP. It

is observed that the routing load of SRT is lesser than ARAN. It is also

observed that SRT performs much better than SAODV where the routing load

and end to end delay are lesser than SAODV.

Table 3.6 Comparison of ARAN and SAODV with SRT

Protocol / Parameter ARAN SAODV

Packet delivery ratio >1.72% -

Average routing load >55.2% -

Average path length <30.5% -

End-to-end delay - >19.4%

Routing overhead - >15.76%

117

3.5 SUMMARY AND CONCLUDING REMARKS

In this work, routing is carried out using two protocols, the AODV

and NTP. The effect of a black hole attack by malicious nodes is analyzed in

the AODV and NTP protocols. A new method named as the SRT in MANETs

is implemented, which detects and eliminates the malicious nodes from the

network, by using trust levels calculated by means of the number of beacons

received by the nodes. This number keeps changing for every flooding of the

beacon packets. Performance metrics, such as the packet delivery ratio,

throughput, end-to-end delay and trust compromise are evaluated.

The analysis shows that the performance of the SRT algorithm is

better than that of the AODV and NTP protocols in the presence of an

attacker as well as after the elimination of the attacker. The security is thus

enhanced by assigning the trust level to the trusted nodes, so that the trusted

node does not get compromised in any situation. The trust compromise for the

SRT is also simulated, and it shows a better performance when compared to

the AODV and NTP. Also, performance metrics, such as the Packet delivery

ratio, average path length and average routing load are evaluated, and a

comparison is done between the two secure routing protocols, the ARAN

protocol and the SRT in NTP protocol. The SRT has a better performance

when compared to the ARAN, in terms of routing load. The packet delivery

ratio of the SRT is almost equal to that of ARAN. Also, performance metrics,

such as end to end delay and routing overhead are evaluated, and a

comparison is done between the two secure routing protocols, the SAODV

protocol and the SRT in NTP protocol. The SRT has a better performance

when compared to the SAODV for both the metrics.