The detection of routing misbehavior in mobile ad hoc networks using the 2 ack scheme with olsr protocol
Upcoming SlideShare
Loading in...5
×
 

The detection of routing misbehavior in mobile ad hoc networks using the 2 ack scheme with olsr protocol

on

  • 732 views

 

Statistics

Views

Total Views
732
Views on SlideShare
732
Embed Views
0

Actions

Likes
0
Downloads
10
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

The detection of routing misbehavior in mobile ad hoc networks using the 2 ack scheme with olsr protocol The detection of routing misbehavior in mobile ad hoc networks using the 2 ack scheme with olsr protocol Document Transcript

  • International Journal of Computer and Technology (IJCET), ISSN 0976 – 6367(Print),International Journal of Computer Engineering Engineeringand Technology (IJCET), ISSN 0976May - June Print) © IAEMEISSN 0976 – 6375(Online) Volume 1, Number 1, – 6367( (2010),ISSN 0976 – 6375(Online) Volume 1 IJCETNumber 1, May - June (2010), pp. 213-234 ©IAEME© IAEME, http://www.iaeme.com/ijcet.html THE DETECTION OF ROUTING MISBEHAVIOR IN MOBILE AD HOC NETWORKS USING THE 2ACK SCHEME WITH OLSR PROTOCOL Mrs. S. A. Nagtilak Department of Computer Engineering S.C.O.E, Pune, E-Mail: saranagtilak@yahoo.co.in Prof. U.A. Mande Asst. Professors, Departments of Computer Engineering S.C.O.E, Pune, E-Mail: uamande.scoe@sinhgad.eduABSTRACT The operation of MANETs does not depend on preexisting infrastructure or basestations. Network nodes in MANETs are free to move randomly. Therefore, the networktopology of a MANET may change rapidly and unpredictably. This paper presents theexisting methods to detect misbehavior in MANETs. Routing protocols used in such typeof networks generally based on the assumption that, all participating nodes will be fullycooperative. But, due to the open structure node misbehavior may exist and packet lossoccurs. Among them one type of misbehavior is that some nodes will take part in routingestablishment processes but they do not respond to forward data packets and simplydismiss the packets. The goal of this work is to simulate the 2ACK scheme in ad hocnetwork. To reduce extra routing overhead, and packet loss, only a few of the receiveddata packets are acknowledged in the 2ACK scheme. It reduces the routing overhead. Ithas been observed that by using the 2ACK scheme the packet delivery ratio is increased.The result of the 2ACK-OLSR indicates that it reduces the packet loss and increase therouting overhead.KEYWORDS: 2ACK, SACK, S-TWOACK, beans, nuggets 213
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEI. INTRODUCTION MANET mobile ad hoc network as the name suggests consists of a bunch ofentities called as nodes or hosts which communicate with each other exchanginginformation with the help of intermediate devices called as routers. The links betweenthese so called nodes is generally invisible or called as wireless links. The structure ofsuch networks is not predefined or it does not depend on any base stations lonely but a lotof other entities are also involved in the entire communication process. The topology ofsuch networks keeps on changing mainly due to a factor called as mobility. Network clients in MANETs may move randomly. Therefore, the networktopology of a MANET can be change unpredictably and speedily. All network activities,for instance forwarding data packets, and detecting the topologies which concern withnodes themselves for execution either collectively or individually. Due to this changingtopology packet loss is a common phenomenon. Any wireless network consists of a lot ofnodes that interact with each other exchanging information continuously. As these nodeshave the flexibility of moving from one place to other, there may be cases wherein aparticular node which is a receiver for a particular packet, moves away from the range ofsender. However the sender is not aware of this scenario and it might still keep onsending packets thus leading to packet and data loss. The other case is a bit more interesting, whenever communication takes placebetween any two nodes there are a lot of nodes involved in this communication processacting as mediators. All these nodes agree to forward packets during the actualcommunication process but one of them actually turns selfish during the data transfer,this selfish node keeps on dropping packets as when received instead of forwarding it tothe next hop in the communication process. These selfish behavior results in packet lossand also the source is unaware of such misbehaving node in the path towards thedestination. And there is no such mechanism to detect this misbehaving node. The structure of a MANET totally depends on application and it can vary fromnetwork to network. For e.g. from a small static network which is highly powerconstrained to a large hugely dynamic network. Lots of techniques have been discoveredto avoid the misbehavior or selfishness among nodes. 214
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEME There has been a lot of improvements in the field of computer and wirelesstechnologies therefore there has been a lot of development expected in mobile wirelesscomputing typical applications of which can be used in military scenes, rescue operationsor where it is almost difficult to rely on wired network. MANETs are self organizableand configurable hence also known as multi hop wireless ad hoc networks, where thetopology of the network keeps on changing continuously.A. PACKET LOSS DUE TO ROUTING MISBEHAVIORS During data transfer in ad hoc networks, all the nodes in the network usually takepart in the communication process in order to increase or maximize the throughput.Therefore the more the number of nodes greater is the bandwidth and smaller is thenetwork partition with smaller paths. However it might also happen that a node hasagreed to fully cooperate in the communication process but later refuses to do so resultingin loss of packets because of its selfishness [14]. A selfish node which acts as selfish by dropping packets does so because it isunwilling to spend its battery life and CPU cycles and save its bandwidth. Such amisbehaving node launches a denial of service attack by simply dropping packets. In some cases it might happen that the node which is dropping packets might havefault in the software running at its end. So the need is to focus on how this misbehavingnode in order to decrease the packet loss can be detected [2]. There are a lot of schemesavailable in order to detect the routing in MANET’s which are as follows: Figure 1 Scenario for packet dropping and misroutingi) The watchdog technique: In this scheme misbehaving nodes are detected byoverhearing the wireless medium. The path rater technique, which is based on thewatchdog’s output, allows nodes to avoid the use of the misbehaving nodes in any future 215
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEroute selections. However, the drawback with watchdog technique is that it dependsheavily on overhearing principal; therefore there is chance that it might fail to identifymisbehavior in routing or raise false alarms in cases where ambiguous collisions, receivercollisions are present, it might also fail sometimes in cases for limited transmissionpower.ii) ACK and SACK schemes: They are used to measure the usefulness of thecurrent route and to take appropriate action. For example, congestion control is based onthe reception of the ACK and the SACK packets.[1]iii) TWOACK Scheme: The 2ACK and the TWOACK schemes have the followingmajor differences: 1) the node which acts as receiver in the 2ACK scheme usually sends2ACK packets for a small amount of data packet which it has received, whereas, in theTWOACK scheme, TWOACK packets are acknowledged for every data packet receivedat the receivers end. But, however it was observed that sending acknowledgement for afraction of data packets received, improves the performance of 2ACK scheme when itcomes to routing overhead.iv) (S-TWOACK) scheme or Selective TWOACK: In this scheme everyTWOACK packet will acknowledge or reply the receipt for number of data packets,whereas in the 2ACK scheme, a 2ACK packet only acknowledges one data packet.Because of such a small change, the 2ACK scheme gains easy control on the trade-offthat appears between the network performance and the cost as compared to the S-TWOACK scheme.II. EXISTING METHODOLOGIES Routing protocols for MANETs are designed based on the assumption that allparticipating nodes are fully cooperative. Misbehaving nodes can be a significantproblem. The presence of selfish or malicious nodes degrades the efficiency of packetrelaying. It increases the packet delivery latency and the packet loss rate. Selfish nodeslead to network partitioning. Various techniques have been proposed to preventselfishness in MANETs. These schemes can be broadly classified into two categories:credit-based schemes and reputation-based schemes. 216
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEA. CREDIT-BASED SCHEMES The basic idea of credit-based schemes presented [6] is to provide incentives fornodes to faithfully perform networking functions. In order to achieve this goal, virtual(electronic) currency or similar payment system may be set up. Nodes get paid forproviding services to other nodes. When they request other nodes to help them for packetforwarding, they use the same payment system to pay for such services. The concept ofnuggets (also called beans) is used for payments for packet forwarding. There are twomodels which use nuggets are: the Packet Purse Model shown Figure 2 and the PacketTrade Model shown in Figure 3. In the Packet Purse Model, nuggets are loaded into thepacket before it is sent. The sender puts a certain number of nuggets on the data packet tobe sent. Each intermediate node earns nuggets in return for forwarding the packet. If thepacket exhausts its nuggets before reaching its destination, then it is dropped. In thePacket Trade Model, each intermediate node “buys” the packet from the previous nodefor some nuggets and “sells” it to the next node for more nuggets. Thus, eachintermediate node earns some nuggets for providing the forwarding service and theoverall cost of sending the packet is borne by the destination. In another implementation, each node maintains a counter termed the neglectcounter. The counter is decreased when the node sends packets of its own, but increasedwhen it forwards packets for the other nodes. The counter should be positive before anode is allowed to send its packet. Therefore, the nodes are encouraged to continue tohelp other nodes. Tamper resistant hardware modules are used to keep nodes fromincreasing the neglect counter illegally. Figure 2 Packet purse model. 217
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEME Figure 3 Packet trade model. Another credit-based scheme, termed Sprite, has nodes that keep receipts of thereceived/forwarded messages. When the users have a fast connection to a CreditClearance Service (CCS), they report all of these receipts. The CCS then decides thecharge and credit for the reporting nodes. In the network architecture of Sprite, the CCSis assumed to be reachable through the use of the Internet, limiting the utility of Sprite.The main problem with credit-based schemes is that they usually require some kind oftamper-resistant hardware and/or extra protection for the virtual currency or the paymentsystem.B. REPUTATION-BASED SCHEMES The second category of techniques to combat node misbehavior in MANETs isreputation-based presented by [2]. In such schemes, network nodes collectively detectand declare the misbehavior of a suspicious node. Such a declaration is then propagatedthroughout the network so that the misbehaving node will be cut off from the rest of thenetwork. The two modules under this category are watchdog and path rater shown in Fig4. Nodes operate in a promiscuous mode wherein the watchdog module overhears themedium to check whether the next-hop node faithfully forwards the packet. At the sametime, it maintains a buffer of recently sent packets. A data packet is cleared from thebuffer when the watchdog overhears the same packet being forwarded by the next-hopnode over the medium. If a data packet remains in the buffer for too long, the watchdogmodule accuses the next hop neighbor of misbehaving. Thus, the watchdog enablesmisbehavior detection at the forwarding level as well as the link level. Based on the 218
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEwatchdog’s accusations, the path rater module rates every path in its cache andsubsequently chooses the path that best avoids misbehaving nodes. Due to its reliance onoverhearing, however, the watchdog technique may fail to detect misbehavior or raisefalse alarms in the presence of ambiguous collisions, receiver collisions, and limitedtransmission power. The CONFIDANT protocol [7] is another example of reputation-based schemes.The protocol is based on selective altruism and utilitarianism, thus making misbehaviorunattractive. CONFIDANT consists of four important components—the Monitor, theReputation System, the Path Manager, and the Trust Manager. They perform the vitalfunctions of neighborhood watching, node rating, path rating, and sending and receivingalarm messages, respectively. Each node continuously monitors the behavior of itsfirst-hop neighbors. If a suspicious event is detected, details of the event are passed tothe Reputation System. Depending on how significant and how frequent the event is, theReputation System modifies the rating of the suspected node. Once the rating of a nodebecomes intolerable, control is passed to the Path Manager, which accordingly controlsthe route cache. Warning messages are propagated to other nodes in the form of an Alarmmessage sent out by the Trust Manager. The Monitor component in the CONFIDANTscheme shown in Figure.5 observes the next hop neighbor’s behavior using theoverhearing technique. This causes the scheme to suffer from the same problems as thewatchdog scheme. Figure 4 Watchdog & Path rater. 219
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEC. END-TO-END ACKNOWLEDGMENT SCHEMES There are several schemes that use end-to-end acknowledgments (ACKs) to detectrouting misbehavior or malicious nodes in wireless networks. In the TCP protocol, end-to-end acknowledgment is employed. Suchacknowledgments are sent by the end receiver to notify the sender about the reception ofdata packets up to some locations of the continuous data stream. The SelectiveAcknowledgment (SACK) technique [3] is used to acknowledge out-of-order data blocks. Figure 5 CONFIDANT Scheme. The 2ACK technique differs from the ACK and the SACK schemes in the TCPprotocol in the following manner: The 2ACK scheme tries to detect those misbehavingnodes which have agreed to forward data packets for the source node but refuse to do sowhen data packets arrive. TCP, on the other hand, uses ACK and ACK to measure theusefulness of the current route and to take appropriate action. In order to identify malicious routers that draw traffic toward them but fail tocorrectly forward the traffic, the secure trace route protocol is proposed. The normal traceroute protocol allows the sender to simply send packets with increasing Time-To- Live(TTL) values and wait for a warning message from the router at which time the packet’sTTL value expires. The secure trace route protocol authenticates the trace route packetsand disguises them as regular data packets. In secure trace route scheme, binary search is initiated on faulty routes.Asymptotically, log (n) probes are needed to identify a faulty link on a faulty n-hop route.This technique only works with static misbehaviors and needs to disguise the probing 220
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEmessages as regular routing control packets. Once a link is identified as faulty, the linkweight is increased so that future link selections will avoid this link. The Best-effort Fault-Tolerant Routing (BFTR) scheme [16] also employs end-to-end ACKs. The BFTR scheme continuously monitors the quality (i.e., packet deliveryratio) of the path in use. This is compared with the predefined expected behavior of goodroutes. If the behavior of the route in use deviates from the behavior of good routes, it ismarked as “infeasible” and a new route is used. Since BFTR throws out the entire routebefore detecting the misbehaving nodes, the newly chosen route may still include thesame misbehaving nodes. Even though the new route will be detected as infeasible by thesource after a period of observation time, data packet loss will occur in traffic flows whenusing protocols such as UDP. Such a repeated detection process is inefficient. In contrastwith BFTR, it is try to identify such misbehaving links in this work. Therefore, moreaccurate information on routing misbehavior can be obtained in the 2ACK scheme.III. COMPARISON WITH THE EXISTING SCHEMES Compared with the above schemes, the 2ACK scheme doesn’t depend on end-toend acknowledgment. Instead, the 2ACK scheme tries to detect misdemeaning links asthe links are being used. Such a proactive detection approach results in quicker detectionand identification of misdemeaning links. In such a combined scheme, the Multi-Hoptransmission and the monitoring processes are turned on only when routing carry outfacedegrades. It will further reduce the routing overhead of the 2ACK scheme. A scheme to choose routes based on the reliability index of each outgoingneighbor has each node maintaining a table of reliability indices of its neighbors. Thistype of reliability index indicates the previous success or failure experience of packettransmissions through neighboring nodes. For example, a successful point-to-pointtransmission will give output in an increase of the reliability index of the neighborassociated with the route. When selecting path for data transmissions, nodes prefer thoserooted at the neighbors with higher reliability indices. Since a sender searches all possiblepath from its immediate neighbors, the overall reliability of the selecting path depends onhow the neighbors select the rest of the route. 221
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEAs compared to the watchdog, the 2ACK scheme has the followingadvantages:Ambiguous Collisions: Ambiguous or doubtful collisions may occur at node N1.When a well behaved node N2 forwards the data packet toward N3, it is possible that N1cannot overhear the transmission due to another concurrent transmission in N1sneighborhood. The 2ACK technique solves this problem by requiring N3 to send a Multi-Hop packet explicitly.Receiver Collisions: Receiver or acceptor collisions take place in case of overhearingtechniques when N1 overhears the data packet being forwarded by N2, but N3 fails to getthe packet due to collisions in its neighborhood. The data packets will not beretransmitted by a misbehaving N2 because retransmission requires extra energy. Again,due to the explicit Multi-Hop packets our 2ACK scheme overcomes this problem.Limited Transmission Power: A misbehaving N2 may engineer its transmissionpower in such a way that N1 can overhear its transmission but not N3 such that, thisproblem matches with the Receiver Collisions problem. It goes to a level of threat onlywhen the distance between N1 and N2 is less than the distance between N2 and N3. The2ACK scheme does not suffer from limited transmission power problem.Limited Overhearing Range: In order to transmit data to N3 a well-behaved N2could apply low level of power transmission. Due to N1s limited overhearing range, itwill not overhear the transmission successfully and will thus infer that N2 ismisbehaving, causing a false alarm. Both this problem occur due to the potentialasymmetry between the communication links. The 2ACK scheme is not affected bylimited overhearing range problem. The 2ACK scheme of detecting routing misbehavior is different from theTWOACK and SACK schemes present in the TCP protocol in the following manner: The 2ACK technique identifies misbehaving nodes which had agreed to forwarddata packets originating from the source node but later refuse to do so during actual datatransfer. On the other side, the TCP protocol uses SACK and ACK to find the benefit ofthe current route and to take the required action. 2ACK scheme does not depend on end-to-end acknowledgment. Such a 2ACK scheme may not exist in some traffic flows for 222
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEinstance UDP protocol. Such a proactive approach of detection results in faster detectionof misbehaving links.IV. THE 2ACK SCHEME The watchdog finding technique has a very small overhead. Unfortunately, thewatch dog technique going to various problems i.e. equivocal collisions, recipientcollisions, and low transmit energy. The primary issue is the event of successful packetreception can only be accurately calculated at the receiver of the next-hop link, but thewatchdog technique only observer the transmission from the sender of the next-hop link. Not a good behavior client can either be sender or receiver of the next-hop link,concentration is given on the problem of finding a not good behavior links rather of notgood behavior client. In the next-hop link, a not good behavior source or destination hasalike contrary effect on the data packet: It will not be sent on further. The outcome is thatthis link will be marked. 2ACK scheme importantly simplifies the detection mechanism.A. DETAILS OF THE 2ACK SCHEME The 2ACK scheme is a network-layer technique to find links and to extenuatetheir effects. It can be implemented as an add-on to existing path protocols for MANETs,such as OLSR and any other routing protocols. The 2ACK scheme finds a good behaviorthrough the use of a new type of acknowledgment bundle, termed 2ACK. A 2ACKbundle is assigned a fixed path of two hops (three nodes) in the contrary direction of thedata traffic path. The Figure 6 shows the operation of the 2ACK scheme. Suppose that N1, N2,and N3 are three successive clients (triplet) along a path. The path from a source client, S,to a destination client, D, is established from routing table information though HELLOand TC control messages exchange. When N1 sends a data bundle to N2 and N2 sent it toN3, it is not clear to N1 whether N3 receives the data bundle correctly or not. Such anambiguity exists even when there is a good behavioral client present. The problembecomes much more severe in open MANETs with potential not good behaving client. 223
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEME Figure6 The 2ACK Scheme The 2ACK scheme needed an external acknowledgment to be sent by N3 toadvice N1 of its successful receipt of a data bundle. When client N3 got the data bundlesuccessfully, it sends out a 2ACK above two hops to N1, with the ID of the matchingdata bundle. The three client N1→ N2→ N3 is calculated from the path of the main datatraffic. Such three clients are utilized by N1 to the link N2→N3. For gadget of displays,it is termed that N1 in the three client N1→ N2→N3 the 2ACK bundle destination or theremarking client and N3 the 2ACK source. Such a 2ACK packet sending takes place forevery set of three clients along the path. Hence, only the first path from the sender willnot do as a multi hop bundle destination. The final path just before the receiver and thereceiver will not do as multi hop destinations. To find misbehavior, the multi hop bundle source controls a records of IDs of databundles that have been sent out but have not been acknowledged. For e.g., later N1 sendsa data bundle on a actual path, say, N1→ N2 → N3. In diagram it sums the data ID toLIST this is, on its records matching to N2N3. A counterpunch of sent on data bundle,Cpkts, is incremented all the same time.The details execution procedure is as follows: DUID DST Cpkts 2ACK 2ART R-CNT Cmis Rmis DTime Figure7 Data structure maintained by the observing nodeDUID (Data pkt Unique ID): This is used to record the unique packet id of the sent Datapacket.DST (Data pkt Sent Time) : This records the time at which Data packet is sent. 224
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMECpkts: This gives the total number of Data packets that are sent.D2ACK: This records the Data packet ID for which the observing node has received the2ACK packet i.e., 2ACK Packet is received for this Data packet.2ART (2ACK Receive Time): This records the time at which the 2ACK packet isreceived.R-CNT: It counts the total number of 2ACK packets that are received by the observingnode.Cmis: It counts the total number of Data packets for which the 2ACK packet is notreceived.Rmis: It is the ratio of the Cmis to the total number of Data packets sent, i.e., Cmis / Cpkts.Diff-Time: It is the difference of the time intervals 2ART and DST. At N1, each ID will remain on the record for τ seconds, the respite for 2ACKreception. If 2ACK bundles matching to this ID arrive in front the timer exits, the ID willbe took out from the records. Other than, the ID will be taken out at the last of its look outtime separation and a counter called Cmis will be incremented. If N3 receives a data bundle, then calculated whether it wants to send a 2ACKbundle to N1. In order to cut down the extra path overhead reason by the 2ACK outline,only a divide the data bundle will be acknowledged verses multi hop bundle. Such adivide termed the acknowledgment proportion, Rack. By changing Rack, we candynamically tune up the overhead of Many-Hop bundle transmissions.The Data structure maintained by Data packet receiving node i.e., by Node N3 is asfollows: DUID D-Total R-Status R2ACK_Total Rack Figure 8 Data structure maintained by the data packet receiving node (Node N3), i.e. 2ACK packet sender sideDUID (Data pkt Unique ID) : This records received Data packet unique ID.D-Total: It counts the total number of Data Packets that are received.R-Status: This records the status of Data packets for which 2ACK packet is sent.R-status = 1 means for this DUID the receiving node has sent 2ACK packet andviceversa. 225
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMER2ACK_Total: This field is used to count the total number of 2ACK packets that aresent.Rack: This field gives the ratio of the total number of data packets acknowledged to thetotal number of Data packets received, i.e., R2ACK_Total/D-total. Client N1 remarks the behavior of link N2→N3 for a session of time Tobs. At thelast of the session, N1 determines the proportion of losing 2ACK bundles as Cmis / Cpktsand compare it with a threshold Rmis. If the proportion is greater than Rmis, link N2→N3is announced misbehaving and that particular link is being removed from the routingtable. The Data structure format of 2ACK is in the Figure 4.5. Since only a divide of theget data bundle are acknowledged, Rmis could simplify Rmis > 1 - Rack in order to neglectfalse alerts reason by such a partially acknowledgment technique. Every client getting such a 2ACK packet remarks the link N2→N3 asmisbehaving and sums it to the black records list of such misbehaving links that itcontrols. When a client begins its own data traffic after, it will avoid using suchmisbehaving connects as a part of its path. DataPkt Src ID Data Pkt Dst ID Data Pkt ID Figure 9 Data structure of the 2ACK packet.B. TIMEOUT FOR MANY-HOP RECEPTION, Τ The argument timeout, τ, is need to set up a timer for 2ACK reception. If thetimer dies before the expected 2ACK bundle is received, the absent 2ACK counter, Cmis,will be added. Hence, corresponding value of τ is significant for the successful work ofthe 2ACK scheme. It is shows that false alarms achieved if τ is too small. On the other base, if τ is toobig, the waiting client will have to adjust big records, wanting a big memory space.Therefore, set a value which is large sufficient to the occurrence of temporary link fails(for e.g. the unsuccessful sending due to client wireless or local traffic congestion). τ > 4 * (single-hop transmission delay). (1) 226
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEWhere a single-hop transmission delay adds bundle sending delay, random back-downdelay at the Medium Access Control (MAC) layer, data processing delay, and potentialresending delay.C. OBSERVATION PERIOD, TOBS, AND DYNAMIC BEHAVIOR The 2ACK technique different link misbehavior and temporary link fails bydetecting the reception of 2ACK bundles on a certain session of time, termed thedetection session, Tobs. Since the impermanent link fails don’t use end long, suchassumption is able to unlike impermanent link fails from link misbehavior. The value ofTobs should be large enough so that several 2ACK packets are sent from the multiplesource to the destination client. This is particularly significant when the acknowledgmentproportion, Rack, is light. For e.g., when Rack= 0.1, one 2ACK bundle will be sent for all10 data bundles that are received. Even so, the watching session should not be too veryshort. A very long watching session means that the watching client takes big time towatch the behavior of the another-hop link in front not good behavior is stated. Databundles may be felled over this lengthy session of time and the effective of the not goodbehavior detection algorithm is cut down. The 2ACK source has to send 2ACK packets for the total data session (onplatform the acknowledgment proportion, Rack). Such continuous watching activity willhelp in the detection of not good behaving client which have active behavior depend ontheir power layers. When such client are good-behaved, the links closed with them willbe treated as normal links and utilized. Once such clients misbehave, the links closedwith them will be observed as not good behaving and other clients will stop using them.D. ACKNOWLEDGMENT RATIO, RACK The adding path overhead stimulated by the sending of the 2ACK bundles can behandled by the argument acknowledgment proportions, Rack, at the 2ACK bundle sender.With the use of the argument Rack in the 2ACK technique, only a divide of the receiveddata bundles will be acknowledged. Hence, the parameter Rack supplies a technique toturn on the overhead. The decrease of overhead comes with a cost: the reducing of therange over which Rmis can get cost. When only one Rack of the data bundles gotten are 227
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEacknowledged via the 2ACK packets, 1 - Rack of them are not acknowledged. So 1 - Rackof all data bundles are not acknowledged, Rmis >= 1 -Rack. i.e., Rmis > =1 – Rack (2) Hence, the different between Rmis and 1 – Rack as the buffer to control fells. i.e.Rack lowers the voltage extra space to fells down.E. PARTIAL DATA FORWARDING A misbehaving node may forward data packets partially by forwarding a fractionof the packets and try to cheat the monitoring system. Such a behavior will be detected bythe 2ACK scheme. The triplet N1→ N2 → N3 is used as an example for explanation. Assume a misbehaving node N2 receives ND data packets from N1 successfullyand only forwards a fraction of the data packets, say, Rpart (0 <= Rpart <= 1), of ND towardN3. Further assumption is that all data packets forwarded by N2 are successfully receivedby N3. Thus, N3 receives Rpart _ND data packets and only Rack _ Rpart _ ND of them will beacknowledged by 2ACK packets sent from N3. Therefore, in order to cheat the system, amisbehaving node N2 has to make sure that 1 - Rack. Rpart < Rmis. As the gap between 1 -Rack and Rmis shrinks, the feasible value of Rpart approaches 1. Therefore, the 2ACKscheme effectively guards against partial forwarding. Rpart > 1 – Rmis/Rack (3) Thus, by increasing 1-Rmis/Rack, force N2 to forward more data packets. Thedisadvantage of such an approach is the loss of protection from false alarms.F. OLSR PROTOCOL OLSR is a table-driven, link-state routing protocol that periodically advertises thelinks in the network. OLSR optimizes the link advertisement process by reducing theamount of advertised links and the number of nodes advertising them. OLSR alsooptimizes the message broadcasting mechanism by limiting message forwarding to MultiPoint Relays (MPRs) only. [22]HELLO AND TC MESSAGES TRANSMISSION OLSR nodes become aware of one-hop and two-hops neighbors by continuouslyexchanging HELLO messages with their one-hop neighbors. MPR nodes are selected by 228
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEeach node in the network (called MPR Selector) as the minimum set of one-hopneighbors that allow reaching every two-hop neighbor via a node in the MPR set. MPRnodes optimize broadcasting and support path calculation. MPRs are the only nodesgenerating Topology Control (TC) messages and are also responsible for forwardingthem. TC messages advertise the links between MPRs and MPR Selectors. The shortestpath algorithm uses these links to construct paths for every MPR Selector. MPR selectionprocess is as follows.MPR SELECTION MPRs form the core optimization in OLSR. The idea of MPRs is to minimize theoverhead of flooding messages in the network by reducing the number of redundantretransmissions. Each node in the network selects a minimum set of nodes in itssymmetric 1-hop neighborhood which retransmit its messages. This set is selected suchthat every symmetric 2-hop node can be reached via a node in this set. MPR set ofselected neighbor nodes is called the MPR set of that node. The neighbors of the nodewhich are not in its MPR set, receive and process broadcast messages but do not forwardthem. The smaller a MPR set, the lesser the control traffic overhead of the routingprotocol.V. PERFORMANCE EVALUATION In the simulations, we used a version of Network Simulator (ns-2.34) [19] thatincludes wireless extensions developed by the CMU Monarch project group. We installedand modified the OLSR protocol in ns-2 to simulate misbehaving nodes. Unless specifiedotherwise, the 2ACK scheme used Rack=0.2. The IEEE 802.11 MAC was used 15mobile nodes were randomly distributed in a 1500 m by 1500 m flat area. The source andthe destination nodes were randomly chosen among all nodes in the network. The totalsimulation time was 100 seconds UDP traffics have been simulated to evaluate theperformance of 2ACK. Constant Bit Rate (CBR) traffic was used. We used thefollowing metrics to measure the performance of the 2ACK scheme with respect to UDPtraffic:. Packet Delivery Ratio, PDR: the ratio of the number of packets received at thedestination and the number of packets sent by the source. Routing Overhead, RO : theratio of the amount of routing related transmissions (HELLO, TC, 2ACK and CBR) to 229
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEthe amount of data transmissions. The amounts are in bytes. Both forwarded andtransmitted packets are counted.A. PACKET DELIVERY RATIOPDR: It is the ratio of the number of packets received at the destination and the numberof packets sent by the source.In the Figure10 the Rack is 0.2 Table 1 The Relative Throughput Supported by 2ACK-OLSR and OLSR Pm 0.1 0.2 0.3 0.4 OLSR 0.895 0.775 0.655 0.536 2ACK- 0.950 0.950 0.950 0.950 OLSR In Table1, the relative throughput, normalized number of packets received ispresented, when the 2ACK-OLSR scheme and the OLSR scheme are used. Based onTable1, the relative throughput reduces when pm increases due to higher chances of usingroutes with misbehaving links and longer time being spent to switch to good routes.From the table, it can be observe that the 2ACK-OLSR scheme outperforms the OLSRscheme in terms of relative throughput, especially in the networks with larger pm. Itrepresents packet delivery ratio (PDR), the total number of data packets that are received. Figure 10 Packet Delivery Ratio of OLSR and 2ACK-OLSR at different misbehavior ratio. 230
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEB. ROUTING OVERHEADIn the Figure11 the Rack is 0.2 Table 2 The Routing overhead by 2ACK-OLSR and OLSR 0.1 0.2 0.3 0.4 OLSR 0.280 0.294 0.307 0.318 2ACK- 0.700 0.700 0.700 0.700 OLSR In the Table 2 the routing overhead is increased as a misbehavior ratio increasedin the case of OLSR. The routing overhead is calculated by using the formula as givenHELLO + TC/CBR for different Pm. The routing is calculated for the 2ACK-OLSR byusing the formula HELLO+TC+2ACK/CBR. The higher routing overhead in the 2ACK-OLSR scheme is due to the transmission of extra acknowledgment packets.VI. CONCLUSIONS The 2ACK scheme which helps detect misbehavior by a two hopacknowledgement. The 2ACK scheme is a network-layer technique to detectmisbehaving links and to mitigate their effects. The 2ACK scheme detects misbehaviorthrough the use of a new type of acknowledgment packet, termed 2ACK. Figure 11 Routing overhead of OLSR and 2ACK-OLSR at different misbehavior ratio. A 2ACK packet is assigned a fixed route of two hops (three nodes N1, N2, N3),in the opposite direction of the data traffic route. This technique identifies misbehavingnodes which had agreed to forward data packets originating from the source node butlater refuse to do so during actual data transfer and it helps to reduce the routingoverhead. The 2ACK technique is based on a simple 2-hop acknowledgment packet that 231
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEMEis sent back by the receiver of the next-hop link. The 2ACK scheme can be used as anadd-on technique to routing protocols such as OLSR in MANETs. One advantage of the2ACK scheme is its flexibility to control overhead with the use of the Rack parameter.VII. FUTURE WORK In this work, focus is given only on link misbehavior. The more troublesome taskis to determine the characteristics of a single node. The main reason behind this is thecommunication is only between two nodes, and is not any node’s sole act. So, any nodesassociated with the misbehaving links should be punished carefully. In case of a linkmisbehaving, then any one of the two co-related nodes may be misbehaving in theassociation. In order to find the characteristics and punish a node, the behavior of linksaround that node should be analyzed. A second case may arise wherein Node N1 floodsNode N2 with packets thus causing N2 to drop packets. Hence it is imperative that beforedeclaring a node to be selfish on the basis of the number of packets dropped, compute theratio of number packets received against the number of packets dropped should becomputed.VIII. REFERENCES[1] Aad I., Hubaux J.-P., and Knightly E-W., “Denial of Service Resilience in Ad Hoc Networks,” Proc. MobiCom, pp. 202-215, 2004.[2] Baker M, Giuli T., Lai K. and Marti S., “Mitigating Routing Misbehavior in Mobile Ad Hoc Networks,” Proc. MobiCom, pp. 255-265, Aug. 2000.[3] Balakrishnan K., Deng J., and Varshney P. K., “TWOACK: Preventing Selfishness in Mobile Ad Hoc Networks,” Proc. IEEE Wireless Comm. and Networking Conf. (WCNC ’05), pp.2137-2142 Mar. 2005.[4] Buttyan L. and Hubaux J. -P., “Security and Cooperation in Wireless Networks,” http://secowinet.epfl.ch/, 2006.[5] Buttyan L.and Hubaux J.-P., “Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks,” ACM/Kluwer Mobile Networks and Applications, vol. 8, no. 5, pp. 579-592, 2003.[6] Buttyan L. and Hubaux J.-P., “Enforcing Service Availability in Mobile Ad-Hoc WANs,” Proc. MobiHoc, pp, 255-265, Aug. 2000. 232
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEME[7] Buchegger S. and Le Boudec J.-Y., “Performance Analysis of the CONFIDANT Protocol: Cooperation of Nodes, Fairness in Dynamic Ad-Hoc Networks,” Proc. MobiHoc, pp. 226-236, June 2002.[8] Buttyan L., Hubaux J.-P.,and Jakobsson M., “A Micropayment Scheme Encouraging Collaboration in Multi-Hop Cellular Networks,” Proc. Financial Cryptography Conf., pp. 609-612, Jan. 2003.[9] Chiasserini C.F., Nuggehalli P., Srinivasan V., and Rao R.R., “Cooperation in Wireless Ad Hoc Networks,” Proc. INFOCOM, vol.2, pp. 808-817 Mar.-Apr. 2003.[10] Dipak Ghosal, Rose P. Tsang, and Stephen Mueller. “Multipath Routing in Mobile Ad Hoc Networks: Issues and Challenges in Performance tools and applications to networked systems” revised tutorial lectures 2004, Volume 2965, Pages 209-234, Year of Publication :2004, ISBN 3-540-21945-5[11] Floyd S., Mathis M., Mahdavi J., and Romanow A., “RFC 2018 TCP Selective Acknowledgement Options,” technical report, PSC, LBNL, Sun Microsystems, Oct. 1996.[12] Jing Deng, Kejun Liu, Pramod K. Varshney, Fellow and Kashyap Balakrishnan. An Acknowledgment-Based Approach for the Detection of Routing Misbehavior in MANETs IEEE Transactions on Mobile Computing, Volume 6 , Issue 5 (May 2007) Pages 536-550, Year of Publication: 2007, ISSN: 1536-1233[13] Miranda H. and Rodrigues L., “Preventing Selfishness in Open Mobile Ad Hoc Networks,” Proc. Seventh CaberNet Radicals Workshop, Oct. 2002.[14] Nahrstedt K. and Xue Y., “Providing Fault-Tolerant Ad-Hoc Routing Service in Adversarial Environments,” Wireless Personal Comm., vol. 29, nos. 3-4, pp. 367- 388, 2004.[15] Sundararajan T.V.P., Dr.Shanmugam A.” Performance Analysis of Selfish Node Aware Routing Protocol for Mobile Ad Hoc Networks”, ICGST-CNIR Journal, Volume 9, Issue 1, July 2009[16] Haas Z.J. and L. Zhou and. Securing Ad Hoc Networks in IEEE Network Magazine, 1999.Volume 13, Nov./Dec. 1999, Issue 6. Pages.551-567, Year of Publication: 2003 ISBN: 0-8493-1332-5 233
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),ISSN 0976 – 6375(Online) Volume 1, Number 1, May - June (2010), © IAEME[17] Nahrstedt K. and Xue Y., “Providing Fault-Tolerant Ad-Hoc Routing Service in Adversarial Environments,” Wireless Personal Comm., vol. 29, nos. 3-4, pp. 367- 388, 2004.[18] Sundararajan T.V.P., Dr.Shanmugam A.” Performance Analysis of Selfish Node Aware Routing Protocol for Mobile Ad Hoc Networks”, ICGST-CNIR Journal, Volume 9, Issue 1, July 2009[19] The Network Simulator – ns-2 - http://www.isi.edu/nsnam/ns/[20] Tutorial for Ns-2 - http://www.isi.edu/nsnam/ns/tutorial/[21] NS by Example - http://nile.wpi.edu/NS/[22] Unik olsrd homepage http://www.olsr.org 234