virtual router

VIRTUAL ROUTER

Kien A. Hua

Data Systems LabSchool of EECS

University of Central Florida

Outline

• Mobile Ad Hoc Networks

• Virtual Router Approach

– Routing

– Data Forwarding

• Cooperation Enforcement in Virtual Router Approach

• Simulation Results

• Conclusions

2

Wireline Communications

Router

Router

Router

Router

S

D

Router

Infrastructure

Routers help forward data

packets

What is Mobile Ad Hoc Network?

→ All nodes participate in the routing and data forwarding process.

Source Node

Destination Node

Infrastructureless

Route Request

Source Node

Destination Node

Route Reply

Source Node

Destination Node

Data Transmission

Source Node

Destination Node

The selected nodes participate in the data forwarding process

Link Break

Source Node

Destination Node

Issue Route Request

Source Node

Destination Node

Selected New Route

Handling High Mobility

• Using Physical Nodes as Routers:

Mobility → link breaks → reroute → overhead !

• Using Virtual Routers:

Virtual routers are stationary → links are robust → fewer reroute → less overhead !

Virtual Router

SD

SD

What is a Virtual Router ?

• A virtual router is a spatial area

• Physical nodes within this area alternate in forwarding data

• When a node leaves the area, it is no longer obliged to forward the data

→Virtual router is stationary

→More suitable for high mobility applications such as vehicular networks

11

Virtual Router

SD

X

Y

Z

Virtual Router – Example

How to apply this concept to vehicular network ?

Each cell is a virtual router

Source Node

Destination Node

Each node has GPS & grid map

Street Environment: Mobility Model

• Streets constrain node mobility

• Nodes can pause and change direction at intersections.

13

Street Environment: Radio Range

Buildings block radio signal → Often no link between nodes on different streets→ Broadcast range is not a circle

14

Mobile Node m

Str

eet

Street

Mobile Node m

Street

Mobile Node m

Str

eet

Street

Cannot establish direct communication

due to the building

Mobile Node m

Str

eet

Street


due to buildings

Radio Range of

m

Effective Radio

Range of m

Mobile Node m

Street


due to the building

Mobile Node m

Street

Cannot establish direct communication due to buildings

Radio Range of

m

Effective Radio

Range of m

Virtual Routers in Street Environment

• Streets are divided into small cells:

– Each intersection is an intersection cell

– A long road block can be divided into multiple block cells

• Radio range must cover any 2 consecutive cells

• Each cell is a virtual router

15

Buildings

Buildings

Cell A Cell B Cell C

Cell A Cell B

Buildings

Buildings

Cell A Cell DCell B Cell C

Vehicular Network UsingVirtual Routers

• “Green” virtual routers form a connecting path between source and destination

• Data are transmitted from source to destination over these virtual routers

16

Source

Destination

Location Discovery

• A source node broadcasts a Location Discovery (LD) packet

• This LD packet propagates until it reaches the destination node

• When the LD packet arrives at the destination, it replies with a Location Reply (LR) packet that includes the location of the destination router (i.e., destination cell).

17

Similar tostandard

route request

Subsequently, every data packet carries the ID’s of the source and destination routers

Data Forwarding: Reference Line

Every data packet carries the locations of Source and Destination

Reference line (RL) is the straight line connecting the center of the source router and the center of the destination router

18

Source node

Source Cell

Destination Cell

DestinationNode

Source node

),( DD YX

),( SS YX

Mid-Point ofSource Cell

Source Cell

Reference Line

Destination Cell

DestinationNode

Mid-Point of aDestination Cell

Data Forwarding: Reference Points

Reference points (RP’s) are the intersections of the reference line and the streets

19

Source node

),( DD YX

),( SS YX

Mid-Point ofSource Cell

Source Cell

Reference Line

Destination Cell

DestinationNode

Mid-Point of aDestination Cell

Center of Streets

Reference Point

Reference Line

Center of Streets

Data Forwarding: Forwarding Zones

• There is one forwarding zone for each reference point

• Three horizontal and two vertical forwarding zones in this example

• Some forwarding zones overlap

• The forwarding zones make up the grid path for data forwarding

20

Source node

Reference Point

DestinationNode

Source node

Reference Point

DestinationNode

Forwarding Zone

Data Forwarding

• Virtual routers within the forwarding zones are selected for data forwarding

• When a node leaves the forwarding area, it is no longer obliged to forward data.

• If a node enters the forwarding area, this node must participate in the data forwarding.

21

Source node

Reference Point

DestinationNode

Forwarding Zone

Source node

DestinationNode

Selected Grid Path

How to do route maintenance

Connection Maintenance

Destination node moves away from current router

→ Reference line changes

→ Reference points changes

→ Forwarding zones changes

→ Need a new connection path

Route Maintenance:

–The destination node periodically updates its location with the source node.

– If this fails, source issues a location discovery packet

22

Essentially no

overhead

Selfish and Malicious Behavior

23

Source node

DestinationNode

Selected Grid Path

Malicious Node

It works as long as nodes cooperate

Need cooperation

enforcement !!

Cooperation EnforcementStep 1: Detect Malicious Node

24

Malicious node

Malicious behavior detected

Malicious behavior detected

Cooperation EnforcementStep 2: Penalize Malicious Nodes

25

Malicious Node tries to establish

connection by broadcasting

Location Discovery packet

radio range of malicious node

Location Discovery packet is

blocked by the building

Location Discovery packet is

blocked by the building

I know about the

misbehavior

I know about the

misbehavior I know about the

misbehavior

No one will forward the Location

Discovery packet for the malicious

node.

Network Layer Structure

26

Routing Layer (Network) Routing Layer (Network)

MAC Layer (Data Link) MAC Layer (Data Link)

Radio Layer (Physical) Radio Layer (Physical)

3C Module

27


3C MODULE(Temper Resistant)




3C Module - Overview

• It maintains three Counters:

– Forward Request Counter: Number of forward requests (both discovery and data packets) received by a node.

– Forward Counter: Number of packets forwarded by a node.

– Location Discovery Counter: Number of Location Discovery packets initiated by a node (i.e., number of connections requested)

• It adds a 3C header which contains the values of these three counters to every Location Discovery packet.

• Based on this header, neighboring nodes analyze the behavior of the source node, and decide to forward or discard the packet (i.e., penalize the source node)

28

Misbehavior Detection: Overview

29






Add 3C header

Examine 3C header for

misbehavior

Examine 3C header again

before forwarding

Route Discovery

• Source node initiates Route Request packet

• Intermediate nodes forward the packet until it reaches the Destination node

• The Destination node receives the Route Request packet and sends back a Route Reply packet

30

S D

Request

Request

Request

Request

Let’s look at the operation at these nodes

Initiate Location Discovery

31

Establish a connection

Routing Layer (Network)

3C MODULE

(Temper Resistant)

No

Upper Layer

Yes

MAC Layer(Data Link)

Perform Location Discovery

procedure

Add 3C header to the packet This is a new

communication request

This is a reroute request

An ongoing communication

session?

Increment Location Discovery Counter

Broadcast location discovery packet

Add to Session Table

Submit a route request


Receive Location Discovery

32


3C MODULE

(Temper Resistant)

Yes

No

Yes Misbehavior Detection

No

Yes

Is from misbehavior

node?

No

No

Yes

Discard Packet

VRA Protocol

Need to detect

misbehavior?

MISBEHAVIOR DETECTION MODULE

Is the packet in Session Table?

More on this module later…

Insert new request into

Session Table

The forwarding node initiates

this route request

Increment Forward Request

Counter

Reset TTL for this entry

Penalize the requester

Location discovery packet arrives

Initiated by

sender?

VRA ProtocolRouting Layer (Network)

Forward Location Discovery (1)

33

3C MODULE

(Temper Resistant)

Yes(Reply)

No Is destination node?

Start delay period Discard Packet

YesNo

Have seen the packet before?

YesHear same

packet from a neighbor node?

No No

End of Delay?

Yes(Forward)

The Virtual Router has already

forwarded the packet

The route has been found


Counter


3C MODULE

(Temper Resistant)

Forward Location Discovery (2)

34


Yes(Reply)

Is destination node?

Yes(Forward)

End of Delay?


Increment Forward Counter

Broadcast location discover/reply packet

3C MODULE

(Temper Resistant)

Network Attack:Sending Dummy Packets

35


Discard PacketNo


Ispacket in SessionTable?


Broadcast location discover/reply packet

Generate & “forward” a dummy route request packet

Flood the network with a dummy record

Data Transmission

• Source node transmits a data packet

• Intermediate nodes forward the packet until it reaches the Destination node

36

S D

Data Data Data Data

Let’s look at the data forwarding operation at a node

Receive Data Packet

37


3C MODULE

(Temper Resistant)

Data packet arrives

Yes

No




Session Table

Reset TTL for this entry Increment

Forward Request Counter

VRA Protocol

Forwarding Procedure in

VRA

A node new to the virtual router might not know about this on-going session

VRA ProtocolRouting Layer (Network)

VRA Protocol Forwarding Procedure (Data Packet)

38

3C MODULE

(Temper Resistant)

No Is destination node?

Start delay period Discard Packet

YesNo

Have seen the packet before?

YesHear same

packet from a neighbor node?

No No

End of Delay?


Counter


These steps are the same as in Location

Discovery packet

Yes

The packet has reached its destination

Yes

3C MODULE

(Temper Resistant)

Forward Data Packet

39

Routing Layer (Network) Is destination

node? End of Delay?



Broadcast Data Packet

Yes

Yes

Receive Data Packet

Packet arrives at destination

3C MODULE

(Temper Resistant)

Network Attack: Dummy Packets

40


Discard PacketNo




Broadcast Data Packet

Generate & “forward” a dummy data packet

Flood the network with a dummy record


Receive Location Discovery

41


3C MODULE

(Temper Resistant)

Is initiated by last hop?

Yes

No

Yes Misbehavior Detection

No

Yes

Is from misbehavior

node?

No

No

YesDiscard Packet

VRA Protocol

Need to detect

misbehavior?

MISBEHAVIOR DETECTION MODULE

Is the packet in Session Table?We now discuss this module


Session Table


Counter


Location discover packet arrives

Misbehavior Detection Metrics

3C Module at each node i maintains the following information:

– Forward Ratio (FR): Percentage of arriving packets forwarded

• FRi =

– Local Average Forward Ratio (LAFR)

• LAFRi = ,

where, n is the number neighbor nodes of i

– Request Ratio (RR): Offer enough service to use the network ?

• RRi =

42

i

i

unterForward Co

CounterDiscovery Location

i

i

Counter questForward Re

unterForward Co

1

)(1

n

FRFR i

n

jj

Forward Request Counter Number of forward requests (both discovery and data packets) received by a node.

Forward Counter Number of packets forwarded by a node.

Location Discovery CounterNumber of Location Discovery packets initiated by a node (i.e., number of connections requested)

Initiate Misbehavior Detection

43

m n


Is the forwarder the initiator of this

packet ?

If m is not the source node, n

proceeds to forward the

packet

else, n checks 3C header of this packet.

Need to establish a

communication connection with

someone

m is a suspect

Misbehavior Detection: Check Forward Ratio

44

m n


FRm < FRn → n suspects m

has been dropping packets

FRn = n

n


unterForward CoFRm =

m

m


unterForward Co

FRm < FRn means that n is not forwarding enough

packets

m is a suspect

Misbehavior Detection:Check Request Ratio

45

m n


RRm > 1.2*RRn → n suspects m

has been dropping packets

RRm > 1.2 ∙ RRn means that m made many connection

requests; but it has not provided enough service to

other nodes.

RRm = i

i

unterForward Co

CounterDiscovery Location RRn =

i

i

unterForward Co

CounterDiscovery Location

n needs to exchange counter information with

neighboring nodes

Initiate Misbehavior Detection:Compare to Local Average

46

m n

x

y

n exchanges counters

information with neighboring

nodes

FRm < LAFRn → m is a suspect

according to local average

LAFRn =

1

)(1

k

FRFRk

ini

k is the number of neighbor nodes of n

Enter Detection Mode: Listening State

47

m n

x

y

m is a suspect. Enter Detection

mode – Listening State

m is a suspect. Enter Detection

model – Listening State

m is a suspect. Enter

Detection mode –

Listening State

n enters Detecting state

by invoking Misbehavior

Detection procedure.

Radio range of m

Detection Mode: Detecting State (1)

48

m n

x

y

x resets the delay timer and

stays in Listening State

y resets the delay timer and

stays in Listening State

n generates and

broadcasts a Detection

packet

n broadcasts a Detection packet two more times

Detection packet is just a dummy data packet


49

m n

x

y

x exits Listening

State

y exits Listening

State

n exits Listening

State

If m forwards the Detection packet

n forwards m’s Location Discovery

packet


50

m n

x

y

x marks m as misbehavior

y marks m as misbehavior

n marks m as misbehavior

If m drops all three Detection packets

x drops m’s LocationDiscovery pakcet

n drops m’s Location

Discovery packet

y drops m’s Location

Discovery packet

Simulation Setting

• Simulator: GloMoSim.

• Constant-bit-rate sessions of 512-byte packets.

• Radio propagation range is 375 meters, and channel capacity is 2 Mbits/sec.

• Street width is 10 meters, and building block size is 100m by 100m.

• Initial nodes placement: 2 nodes per intersection, and 8 nodes per block.

• Mobility model: At intersections, a node pauses for a period of time, and then probabilistically changes its direction of movement.

• Speed: random between 0 m/s and 25 m/s (or 56 miles/hr).

• Pause time: random between 0 and 20 seconds.

• 100 simulation runs with different seed numbers for each scenario.

• Number of misbehaving nodes: 5%, 10%, 20%, and 30% of total number of nodes.

51

Schemes and Malicious Behavior

• Schemes compared:

Reference scheme: All nodes act collaboratively and relay data for each other.

Defenseless scheme: No detection mechanism is implemented. The network is totally “defenseless”.

3CE (3-Counter Enforcement) scheme: misbehaving nodes are detected and punished.

• Malicious Behavior:

A malicious node recognizes that it is being punished when its Location Discovery packet has been dropped four consecutively times.

Once malicious nodes recognize the punishment, they participate in data forwarding to rejoin the network.

52

Performance Metrics

• Packet Delivered Ratio (P)– Percentage of data packets successfully delivered

to their destination.

• Misbehaving Node Detection Ratio (D)– Percentage of misbehaving nodes detected

• False Accusation Rate (F)– Percentage of detected nodes incorrectly accused

53

Packet Delivered Ratio (P)

54

• 3CE is significantly better than the defenseless system

• 3CE incurs little overhead. Its performance does not decrease significantly compared to the Reference scheme.

Reference

VRA

Defenseless

Misbehaving Node Detection Ratio (D)

Detection Ratio

Speed (m/s) 10 15 20 25

5% misbehaving nodes 89% 88% 83% 81%




55

Average about 87%

False Accusation Rate (F)

56

False Accusation Ratio

Speed (m/s) 10 15 20 25





• Overall, false accusation is very low.

• False accusation is higher when nodes move faster.Suspect node forwards the detection packet after moving out of the

radio range of the detecting nodes causing false accusation (i.e., not forwarding the detection packet)

Forward detection packet

Send detection packet

False Accusation

57

m n

m is badFalse accusation

58

Conclusions

• The Virtual Router approach has been shown to provide better performance than standard routing based on physical nodes

• 3CE (3 Counters Enforcement) cooperation enforcement technique further improves the Virtual Router approach

• Our simulation results indicate:

– improved network throughput (better data delivery rate)– effective detection of most (87%) misbehaving nodes – almost no false accusation

virtual router

Documents

processpresentation

sdpresentation identifier

virtual router examplehow

virtual routerkien

node mobility nodes

destination cell

datavirtual router

locations of source