• Title/Summary/Keyword: Trust-based ad-hoc routing

Search Result 15, Processing Time 0.021 seconds

Thwarting Sybil Attackers in Reputation-based Scheme in Mobile Ad hoc Networks

  • Abbas, Sohail;Merabti, Madjid;Kifayat, Kashif;Baker, Thar
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.12
    • /
    • pp.6214-6242
    • /
    • 2019
  • Routing in mobile ad hoc networks is performed in a distributed fashion where each node acts as host and router, such that it forwards incoming packets for others without relying on a dedicated router. Nodes are mostly resource constraint and the users are usually inclined to conserve their resources and exhibit selfish behaviour by not contributing in the routing process. The trust and reputation models have been proposed to motivate selfish nodes for cooperation in the packet forwarding process. Nodes having bad trust or reputation are detected and secluded from the network, eventually. However, due to the lack of proper identity management and use of non-persistent identities in ad hoc networks, malicious nodes can pose various threats to these methods. For example, a malicious node can discard the bad reputed identity and enter into the system with another identity afresh, called whitewashing. Similarly, a malicious node may create more than one identity, called Sybil attack, for self-promotion, defame other nodes, and broadcast fake recommendations in the network. These identity-based attacks disrupt the overall detection of the reputation systems. In this paper, we propose a reputation-based scheme that detects selfish nodes and deters identity attacks. We address the issue in such a way that, for normal selfish nodes, it will become no longer advantageous to carry out a whitewash. Sybil attackers are also discouraged (i.e., on a single battery, they may create fewer identities). We design and analyse our rationale via game theory and evaluate our proposed reputation system using NS-2 simulator. The results obtained from the simulation demonstrate that our proposed technique considerably diminishes the throughput and utility of selfish nodes with a single identity and selfish nodes with multiple identities when compared to the benchmark scheme.

A Study on Hierarchy-based Secure Encryption Protocol for Trust Improvement on Multicast Environment of MANET (MANET의 멀티캐스트 환경에서 신뢰성 향상을 위한 계층기반 암호 프로토콜 기법 연구)

  • Yang, Hwanseok
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.13 no.3
    • /
    • pp.43-51
    • /
    • 2017
  • MANET consists of only wireless nodes having limited processing capability. It processes routing and data transmission through cooperation among each other. And it is exposed to many attack threats due to the dynamic topology by movement of nodes and multi-hop communication. Therefore, the reliability of transmitted data between nodes must be improved and security of integrity must be high. In this paper, we propose a method to increase the reliability of transmitted data by providing a secure cryptography protocol. The proposed method used a hierarchical structure to provide smooth cryptographic services. The cluster authentication node issues the cluster authentication key pair and unique key to the nodes. The nodes performs the encryption through two steps of encryption using cluster public key and block encryption using unique key. Because of this, the robustness against data forgery attacks was heightened. The superior performance of the proposed method can be confirmed through comparative experiment with the existing security routing method.

Design and Analysis of Lightweight Trust Mechanism for Accessing Data in MANETs

  • Kumar, Adarsh;Gopal, Krishna;Aggarwal, Alok
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.8 no.3
    • /
    • pp.1119-1143
    • /
    • 2014
  • Lightweight trust mechanism with lightweight cryptographic primitives has emerged as an important mechanism in resource constraint wireless sensor based mobile devices. In this work, outlier detection in lightweight Mobile Ad-hoc NETworks (MANETs) is extended to create the space of reliable trust cycle with anomaly detection mechanism and minimum energy losses [1]. Further, system is tested against outliers through detection ratios and anomaly scores before incorporating virtual programmable nodes to increase the efficiency. Security in proposed system is verified through ProVerif automated toolkit and mathematical analysis shows that it is strong against bad mouthing and on-off attacks. Performance of proposed technique is analyzed over different MANET routing protocols with variations in number of nodes and it is observed that system provide good amount of throughput with maximum of 20% increase in delay on increase of maximum of 100 nodes. System is reflecting good amount of scalability, optimization of resources and security. Lightweight modeling and policy analysis with lightweight cryptographic primitives shows that the intruders can be detection in few milliseconds without any conflicts in access rights.

Stability-based On-demand Multi-path Distance Vector Protocol for Edge Internet of Things

  • Dongzhi Cao;Peng Liang;Tongjuan Wu;Shiqiang Zhang;Zhenhu Ning
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.17 no.10
    • /
    • pp.2658-2681
    • /
    • 2023
  • In edge computing scenarios, IoT end devices play a crucial role in relaying and forwarding data to significantly improve IoT network performance. However, traditional routing mechanisms are not applicable to this scenario due to differences in network size and environment. Therefore, it becomes crucial to establish an effective and reliable data transmission path to ensure secure communication between devices. In this paper, we propose a trusted path selection strategy that comprehensively considers multiple attributes, such as link stability and edge cooperation, and selects a stable and secure data transmission path based on the link life cycle, energy level, trust level, and authentication status. In addition, we propose the Stability-based On-demand Multipath Distance Vector (STAOMDV) protocol based on the Ad hoc AOMDV protocol. The STAOMDV protocol implements the collection and updating of link stability attributes during the route discovery and maintenance process. By integrating the STAOMDV protocol with the proposed path selection strategy, a dependable and efficient routing mechanism is established for IoT networks in edge computing scenarios. Simulation results validate that the proposed STAOMDV model achieves a balance in network energy consumption and extends the overall network lifespan.

A Study on Distributed Cooperation Intrusion Detection Technique based on Region (영역 기반 분산협력 침입탐지 기법에 관한 연구)

  • Yang, Hwan Seok;Yoo, Seung Jae
    • Convergence Security Journal
    • /
    • v.14 no.7
    • /
    • pp.53-58
    • /
    • 2014
  • MANET can quickly build a network because it is configured with only the mobile node and it is very popular today due to its various application range. However, MANET should solve vulnerable security problem that dynamic topology, limited resources of each nodes, and wireless communication by the frequent movement of nodes have. In this paper, we propose a domain-based distributed cooperative intrusion detection techniques that can perform accurate intrusion detection by reducing overhead. In the proposed intrusion detection techniques, the local detection and global detection is performed after network is divided into certain size. The local detection performs on all the nodes to detect abnormal behavior of the nodes and the global detection performs signature-based attack detection on gateway node. Signature DB managed by the gateway node accomplishes periodic update by configuring neighboring gateway node and honeynet and maintains the reliability of nodes in the domain by the trust management module. The excellent performance is confirmed through comparative experiments of a multi-layer cluster technique and proposed technique in order to confirm intrusion detection performance of the proposed technique.