IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
COMPARING THREE PROTOCOLS OF DODV, DSR, DSDV FOR VANET NETWORK
Kw2418391845
1. Santhoshkumar.H.P, Prof.Sameena Banu / International Journal of Engineering Research and
Applications (IJERA) ISSN: 2248-9622 www.ijera.com
Vol. 2, Issue 4, July-August 2012, pp.1839-1845
Similarities & Differences of Mobile Adhoc Network Routing
Protocols
*Santhoshkumar.H.P,
Under the Guidance of Prof.Sameena Banu
*M.Tech (CSE) K.B.N.C.E., Gulbarga, Affiliated to VTU, Belgaum, Karnataka
ABSTRACT
The advantage of Mobile Ad-hoc which require a protocol with reasonable
Networks (MANETs) is to form a wireless security and reasonable resistance to DOS, a
network in the absence of fixed infrastructure. kind of middle-ground. It has been suggested
Early stages of routing protocols of MANETs that various trust mechanisms could be used to
were, incapable of handling security issues but develop new protocols with unique security
by the introduction of newer techniques like assurances at different levels in this trade- off
cryptographic techniques enabled them to [5,27]. However, the arguments for this have
handle the routing information securely. The been purely theoretical or simulation-based.
present paper details the newly proposed Determining the actual span of this trade-off
SAODV and TAODV and further compares the inreal world implementations is of utmost
same with the existing MANET routing protocols importance in directing future research and
protocol design.
Keywords - Mobility, Ad-hoc, Security, Routing, In this paper considers two proposed protocol
Cryptography, TAODV, SAODV Performance. extensions to secure MANET routing. The first,
SAODV [25], uses cryptographic methods to
I. INTRODUCTION secure the routing information in the AODV
In traditional wireless networks, a base protocol. The second, TAODV [15], uses trust
station or access point facilitate communications metrics to allow for better routing decisions and
between nodes with in the network and penalize uncooperative nodes. While some
communications with destinations outside the applications may be able to accept SAODV’s
network. In contrast, MANETs forms a vulnerability to DoS or TAODV’s preventative
network in the absence of fixed infrastructures. security, most will require an intermediate
The requirement of these networks is only nodes protocol tailored to the specific point on the
that can interact with radio hard wares so as to DoS/security trade-off that fits the application. The
route the traffic using the routing protocol. Thus tailored protocols for these applications will also
the reduced essential requirement s of such require performance that falls between that of
networks, along with their adoptability into tiny SAODV and TAODV. Understanding how the
resource-limited devices made them more popular SAODV and TAODV protocols (which are on
and is much preferred for several applications in the boundaries of the DoS/security trade-off)
the area of communications. Routing protocols perform on real hardware, and to what extent there
determines the nature of data forwardness as exists a performance gap is a prerequisite for being
well as its adaptability to topology changes that able to develop the intermediate protocols. Such
results by mobility. Initial MANET routing evaluation is not only required for
protocol like AODV [18], was not designed to developing intermediate protocols, but also for
withstand malicious nodes within the network or determining the direction for development of new
outside attackers near by with malicious intent. trust metrics for ad- hoc networks. In this
Subsequent protocols and protocol extensions paper we provide the first performance
have been proposed to address the issue of evaluations for these protocols on real world
security [1,2,8,14,20,24,25,26]. Many of these hardware
protocols seek to apply cryptographic methods
to the existing protocols in order to secure the II. RELATED WORK
information in the routing packets. This attack is Several different protocols have been
very effective in MANETs as the devices often proposed for ad-hoc routing. The earliest protocols
have limited battery power in addition to the such as DSDV [19], DSR [11], and AODV [18]
limited computational power. The trade-off focused on problems that mobility presented to
between strong cryptographic security and DOS the accurate determination of routing
(Denial of service) has become increasingly information. DSDV is a proactive protocol
important as MANET applications are developed requiring periodic updates of all the routing
information. In contrast, DSR and AODV are
1839 | P a g e
2. Santhoshkumar.H.P, Prof.Sameena Banu / International Journal of Engineering Research and
Applications (IJERA) ISSN: 2248-9622 www.ijera.com
Vol. 2, Issue 4, July-August 2012, pp.1839-1845
reactive protocols, only used when new implemented each of them on real hardware
destinations are sought, a route breaks, or a route is and measured their performance. In this section
no longer in use. As more applications were we detail the setup for the experiments used to
developed to take advantage of the unique acquire these measurements. We first describe the
properties of ad-hoc networks, it soon became supporting hardware and software setup for our
obvious that security of routing information was implementations. We then present details on the
an issue not addressed in the existing protocols. actual implementation for each of the three
In [13], Lundberg presents several potential protocols. Finally we detail the design of
problems including node compromise, the experiments used to evaluate the protocols and
computational overload attacks, energy explain why these tests are more relevant than
consumption attacks, and black hole attacks. Deng other more common metrics.
et al. further discuss energy consumption and
black hole attacks along with impersonation Our AODV implementation is the result
and routing information disclosure in [3]. of previous paper in this area. The implementation
Jakobsson et al. categorize attacks as is designed to run on the Linux/windows x
manipulation of routing information and operating system. As with many other AODV
exhaustive power consumption, and provide implementations for Linux/winX, it separates
detailed treatments of many characteristic attacks in functionality into a kernel module and a user space
[10]. daemon. The kernel module uses hooks in the net
filter interface to send packet headers from the
While research has focused on wireless interface to the user space daemon. The
“lightweight” security mechanisms, some daemon then determines how to handle the packet.
proposed protocols use more expensive If the packet is a routing control packet, then the
asymmetric cryptography. In [26], Zhou and Haas daemon processes the packet in accordance with the
present a multi-path protocol extension that AODV specification. If instead the packet is a
uses threshold cryptography to implement the data packet, the daemon determines whether or
key management system. It requires some nodes not a route exists to the necessary destination. If
to function as servers and an authority to initialize there is a suitable route, the packet is flagged and
these servers. Zapata and Asokan propose the kernel module queues it to be sent out. If no
SAODV [25], a secure version of AODV, route exists, the daemon begins route discovery.
which uses digital signatures and hash chains Once a route is found, the daemon enters the route
to secure the routing messages. into the kernels routing table. It then flags the
packet (and any additional packets arriving
In [22], Pissinou et al. propose a trust- during discovery) to be queued for
based version of AODV using static trust levels. transmission. The implementation is written
The same authors then extend this protocol in completely in Java.
[7] to thwart multiple colluding nodes. Neither
of these adress securing the trust exchanges, or the
overhead involved. Li et al.introduce a trust-
based variant of AODV in [12] that secures the
trust information. However, their protocol
requires an intrusion detection system in the
network. Finally, Meka et al. propose a third
trusted AODV with a simple method of
evaluating trust even without source routing [15].
Our work in this paper considers Figure-1 : Network setup for round trip
the asymmetric cryptography and trust-based timings
extensions to AODV presented in [25] and
[15] respectively and shows a real world In order to implement SAODV, it was
comparison of the performance of the two necessary to have a library of cryptographic
protocols. Our results suggest that new protocols operations. We used Open SSL for this purpose,
can be developed which take advantage of the and we developed a security library which
best features of both types of protocols, and which wrapped much of Open SSL’s
share aspects of each security model. functionality into components appropriate for ad-
hoc routing purposes. One particularly useful
III. IMPLEMENTATION feature of the security library is that it allows
In order to get an understanding for easy use of several different OpenSSL contexts
the real world performance of the AODV, at once. For SAODV, this was useful as nodes
SAODV, and TAODV protocols, we have must switch between signing, verifying, and
1840 | P a g e
3. Santhoshkumar.H.P, Prof.Sameena Banu / International Journal of Engineering Research and
Applications (IJERA) ISSN: 2248-9622 www.ijera.com
Vol. 2, Issue 4, July-August 2012, pp.1839-1845
hash chain operations rapidly to both send and Implementing TAODV required many
receive routing messages. New data structures additions similar to those involved in SAODV.
were added for SAODV’s single signature New data structures were used for the NTT as
extension and the necessary code was added to the well as the extended messages and the new R
message processing functions for RREQ, ACK message. Similarly, message handling
RREP, HELLO, and RERR messages. The functions were updated to use the extensions and
design of the AODV implementation allowed take the appropriate actions. One challenge in
SAODV functionality to be implemented while implementing TAODV was counting packets
maintaining one binary with the ability to sent, forwarded, or received for a particular
run both protocols. route. While it intuitively seems to be something
that should be implemented in the kernel
module that is already tied into the net filter
framework, this would require extra data
exchange between the kernel module and the
daemon. Since our implementation already
passes packet headers to the daemon for route
discovery initiation and flagging, it was simply
necessary to place the counting mechanism in
the daemon.
Keeping track of the additional
routing information required significant extension
Fig 2: Trusted center for Both the protocols of our AODV implementation. The original
implementation does not support any multi-
path entries in the routing table. Modifying
it to support such a setup for TAODV would
have required rewriting significant amounts of
the base AODV code. Instead, we implemented a
multi-path capable routing table for use
exclusively by the TAODV protocol. When a
node initially discovers a route, or changes the
active route to a particular destination, it merely
copies the necessary entry to the daemon’s
local routing table and marks it as having been
Fig 3: Using the TAODV send the message altered so that it is updated in the kernel’s
routing table at the next sync. This simplified
the implementation using only a negligible
amount of extra memory.
3.1 Testing
There were two performance factors we
were interested in for the purposes of this
comparison. The first is the per- packet processing
overhead. It is important to note that only CPU time
Fig 4: Using the TAODV receive the message was measured. Therefore this overhead reflects
use of the processor by each protocol. In these tests
we use AODV as a baseline. Thus, for SAODV
we measure the time it takes to generate an SSE
for RREQ, RREP, and HELLO messages. We
also measure the time it takes for a node to verify
an SSE for those same messages. For
TAODV we measure how long it takes a node to
generate or process and update RREP and R ACK
messages. Due to the fact that some of the
operations we measure have a runtime less than
the resolution of our timer (5ms as per the Linux
kernel), we perform a large number of operations
back-to-back per measurement. We then make
Fig 5: Using the SAODV send the message multiple measurements.
1841 | P a g e
4. Santhoshkumar.H.P, Prof.Sameena Banu / International Journal of Engineering Research and
Applications (IJERA) ISSN: 2248-9622 www.ijera.com
Vol. 2, Issue 4, July-August 2012, pp.1839-1845
Obviously, this can place a significant burden on
Operation Processin Std.Devation each node.
g
SSE 25.8
Time(ms) 0.18 Operation Processin Std.Devati
Generatio g Time on
SSE
n 2.6 0.06 RReq/Hello Send
Validatio 0.354 0.019
n
RReq/ Hello
Our second performance metric is round Processing 0.3545 0.019
trip time for route discovery. The justification for
R Ack Send 0.193 0.003
this metric lies in the fact that we are looking at
securing the routing control packets. Once a route
is established, data is forwarded with the same RAck Proces
efficiency regardless of the routing protocol. 0.210 0.004
Therefore, it is important to see how the per- Since SAODV requires that each message with
packet overhead along with the increased packet a SSE is validated before any further processing
size affect the time for route discovery. For this takes place, each RREQ and RREP gets delayed
test, we measure the performance of AODV in 3.8 milliseconds at each hop which forwards it. In
addition to that of SAODV and TAODV. This is addition, HELLO messages take the same
necessary because both AODV and TAODV will amount of time to be validated. While nodes are
generate RREPs after fewer hops when the supposed to let ALLOWED HELLO LOSS *
destination’s neighbor responds, while SAODV HELLO INTERVAL milliseconds pass before
requires that the destination itself responds. For deciding a link is broken and a neighbor should
our experiments, we used a five node be removed from its routing table, it is
network consisting of one laptop and four conceivable that on a node with several
Zauruses as illustrated in Figure 1. We used the neighbors and a large amount of data to
network sniffer ethereal [6] running on the laptop forward, route status may ßuctuate for some
to measure the time elapsed from the sending of neighbors whose HELLO packets get delayed in
the RREQ to the receipt of the RREP. validation.
VI. RESULTS In TAODV, we measure the per-packet
For the per-packet overhead tests, we overhead for RREP, HELLO, and R ACK
measured the amount of processing time a node messages. The system-wide parameters discussed
spends above and beyond that required for in [15] do not influence the overhead of TAODV
conventional AODV. All tests were performed on for any of the tests we performed. However, it was
the Zauruses with only the necessary software necessary to fix these values to allow for
running (i.e., no graphical login manager, no X the calculation of RSV. For all TAODV tests
server, etc.). In the SAODV tests, we measure we used the following system-wide parameter
generation and validation of the SSE which values: i = 0.8, p= 0.6, ph = 0.4, pc = 0.2, α1= 0.4,
requires hash computation and a digital α2= 0.4, and α3= 0.2. Due to the very small
signature/verification. The hash function used for running time of the operations, one million
these tests was MD5 and the digital operations were performed per measurement and
signature/verification was performed using a 5000 measurements were taken. Table 2 shows the
256-bit RSA key pair. There were 1000 operations results for the TAODV tests.
run per measurement and 1000 measurements
overall. Table 1shows the results of our SAODV As the results show, there is much less
tests. per-packet overhead for TAODV when compared
to SAODV. The main source of overhead involved
Consequently, in order to send a RREQ, the R ACK packets. Since the R ACK
RREP, or HELLO message, the node spends packets are new packets rather than packet
30.8 milliseconds generating the SSE. The extensions, it was necessary to allocate a packet
significant impact on performance occurs in buffer in the message sending system of our
generating the SSE for HELLO messages since implementation each time a R ACK packet was to
they are sent periodically. According the to be sent. With other messages that were extended,
AODV specification, a node should send a HELLO the packet buffer was already allocated and the
message every HELLO INTERVAL milliseconds extension was simply written into free space at
unless it has broadcast any messages during the the end. This difference contributed
previous interval. This means that only RREQ and significantly to the 0.193ms overhead for sending
RERR messages could prevent sending a HELLO the R ACK message.
message, as all other messages are unicast.
1842 | P a g e
5. Santhoshkumar.H.P, Prof.Sameena Banu / International Journal of Engineering Research and
Applications (IJERA) ISSN: 2248-9622 www.ijera.com
Vol. 2, Issue 4, July-August 2012, pp.1839-1845
These results show that SAODV is
indeed a significantly more expensive protocol.
Table 4: Performance of SAODV
Specifically, SAODV takes 2.35 times as long as
conventional AODV to get a RREP back to a
RREQ originator. This is due, in part, to the
added cryptography and increased message size.
This is also due to the inability of intermediate
nodes to respond to RREQs. Traversing the
additional hop in both directions adds to the
latency.
The results also show that the use of
SAODV will require adjustments to the
Table 5: Comparison of SAODV & TAODV recommendations for configurable parameters
in AODV. This is missing from the current draft
The overhead for processing the R ACK standard for SAODV. For example, the current
message was almost completely due to the suggested NODE TRAVERSAL TIME is 40ms
recalculation of the OTV and RSV values. The which results in NET TRAVERSAL TIME being
TAODV implementation used double primitives set to 1400ms. The value of NET
for all calculations in order to keep with the TRAVERSAL TIME serves as the timeout for
protocol description in [15]. RREQ messages. Consequently, as per the
results above, if these parameters were not
4.1 Comparison results adjusted, nodes would have problems discovering
The round trip tests for route discovery routes of length greater than ten hops.
were performed for all three protocols. This was
particularly important due to the differences in In some applications this may not
which node sends the RREP as described in Section cause problems. However, in certain
4.1. Due to the nature of the measurements, only applications such as large area sensor networks,
one route discovery operation could be routes of this length or greater would not be
executed per measurement. Overall 5000 unreasonable to expect. TAODV, on the other
of these individual measurements were hand, takes only 1.11 times as long as AODV.
performed. Table 3 shows the results of the tests. This shows that the trust- based calculations and
additional information exchange can be used
without incurring the overhead of SAODV.
Protocol Round Std.Deviation While there is some expense for the trust
Trip time calculations, it is not nearly as expensive as
AODV 138.772 0.765 the cryptographic operations. The results show
SAODV 124.341 0.543 that TAODV is indeed at the opposite end of the
TAODV 172.553 0.832 trade-off from SAODV. This is due to the fact
that the TAODV information itself in each packet
Table 3 Round Trip Time is not secured.
Overall, the results show that there is
indeed a wide spectrum in the tradeoff between
cryptographic security and DoS. By adding an
appropriate lightweight security mechanism to
secure the trust information in the routing
packets, a hybrid protocol can be created
which is less expensive than SAODV and more
1843 | P a g e
6. Santhoshkumar.H.P, Prof.Sameena Banu / International Journal of Engineering Research and
Applications (IJERA) ISSN: 2248-9622 www.ijera.com
Vol. 2, Issue 4, July-August 2012, pp.1839-1845
secure than TAODV. Future protocol designs
should seek to use various new combinations [7]. Y. Hu, D. Johnson, and A. Perrig.
of smarter, trust-based metrics and SEAD: Secure efficient distance vector
lightweight security mechanisms in order to routing for mobile wireless ad hoc
develop hybrid protocols across this spectrum networks. Ad Hoc Networks, I:175–192,
2003.
V. CONCLUSION
In this paper, we have compared the [8]. M. Jakobsson, S. Wetzel, and B. Yener.
SAODV and TAODV protocols for securing Stealth attacks on ad hoc wireless
ad-hoc network routing. We presented the networks. In Proceedings of VTC,
results of implementation and evaluation of both 2003, 2003.
protocols. The expected difference between the
two protocols was shown to be consistent with [9]. D. B. Johnson and D. A. Maltz.
this real world scenario. These experiments Dynamic source routing in ad hoc
showed that there is significant room between the wireless networks. In Imielinski and
two protocols for a secure hybrid protocol to Korth, editors, Mobile Computing,
be developed which takes advantage of the volume 353. Kluwer Academic
strongest points of both. Publishers, 1996.
REFERENCES [10]. X. Li, M. Lyu, and J. Liu. A trust model
based routing protocol for secure ad hoc
[1]. C. N.-R. Baruch Awerbuch, David networks. In Proceedings of the
Holmer and H. Rubens. An on-demand Aerospace Conference, 2004.
secure routing protocol resilient to
byzantine failures. In ACM Workshop [11]. J. Lundberg. Routing security in ad
on Wireless Security (WiSe), September hoc networks, 2000.
2002.
[12]. S. Marti, T. J. Giuli, K. Lai, and M.
[2]. S. Buchegger and J.-Y. L. Boudec. Baker. Mitigating routing misbehavior in
Nodes Bearing Grudges: Towards
mobile ad hoc networks. In Mobile
Routing Security, Fairness, and Computing and Networking, 2000.
Robustness in Mobile Ad Hoc
Networks. In Proceedings of the Tenth
[13]. K. Meka, M. Virendra, and S. Upadhyaya.
Euromicro Workshop on Parallel,
Trust based routing decisions in mobile
Distributed and Network-based
ad-hoc networks. In Proceedings of the
Processing. IEEE Computer Society,
Workshop on Secure Knowledge
January 2002.
Management (SKM 2006), 2006.
[3]. H. Deng. Routing security in wireless ad
[14]. C. Perkins, E. Belding-Royer, and S.
hoc networks, 2002.
Das. Ad hoc on-demand distance vector
(aodv) routing. July 2003.
[4]. L. Eschenauer, V. Gligor, and J.
Baras. On trust establishment in mobile
ad-hoc networks.Technical Report MS [15]. C. Perkins and P. Bhagwat.
2002-10, Institute for Systems Research, Highly dynamic destination-sequenced
University of Maryland, MD, USA, distance-vector routing (DSDV) for
October 2002. mobile computers. In ACM
SIGCOMM’94 Conference on
[5]. Ethereal - A Network Communications Architectures,
Protocol Analyzer. Protocols and Applications, pages 234–
http://www.ethereal.com/. 244, 1994.
[6]. T. Ghosh, N. Pissinou, and K. [16]. A. Perrig, R. Szewczyk, V. Wen, D. E.
Makki.Collaborative trust-based secure Culler, and J. D. Tygar. SPINS:
routing against colluding malicious nodes security protocols for sensor
in multi-hop ad hoc networks. In LCN netowrks. In Mobile Computing and
’04: Proceedings of the 29th Annual Networking, 2001.
IEEE International Conference on Local
Computer Networks (LCN’04). IEEE [17]. N. Pissinou, T. Ghosh, and K. Makki.
Computer Society, 2004. Collaborative trust-based secure routing
1844 | P a g e
7. Santhoshkumar.H.P, Prof.Sameena Banu / International Journal of Engineering Research and
Applications (IJERA) ISSN: 2248-9622 www.ijera.com
Vol. 2, Issue 4, July-August 2012, pp.1839-1845
in multihop ad hoc networks. In credential services”, in 3rd International
NETWORKING 2004, Networking conference ICACCT-
Technologies, Services, and Protocols; 2008,www.apiitindia.org/icacct2008.
Performance of Computer and
Communication Networks; Mobile
and Wireless Communications, 2004. [26]. R.Balakrishna, M.V.Panduranga Rao,
Dr.K.C.Shet,” Development of
[18]. S. Yi, P. Naldurg, and R. Kravets. Scheduler for Real Time and
Security-aware ad hoc routing for Embedded System Domain”, in digital
wireless networks. In MobiHoc ’01: library at IEEE AINA-2008 International
Proceedings of the 2nd ACM Conference, JAPAN,. The details
international symposium on Mobile ad about the conference is available
hoc networking & computing, pages at http://www.aina-conference.org/2008/
299–302, New York, NY, USA, 2001.
ACM Press. [27]. R.Balakrishna, Dr.U.Rajeswar Rao,
Dr.G.A. Ramachandra “Reliability in
[19]. M. G. Zapata and N. Asokan. Securing MANETS USING Enhanced double
ad hoc routing protocols. In WiSE ’02: coverage broad casting algorithm”,In.J.of
Proceedings of the ACM workshop on Advanced Network Applications, Vol.3
Wireless security. ACM Press, 2002. and Issue 3. Page No 147 to 154
[20]. L. Zhou and Z. J. Haas. Securing ad
hoc networks. IEEE Network, 13(6):24–
30, 1999.
[21]. C. Zouridaki, B. L. Mark, M.
Hejmo, and R. K. Thomas. A
quantitative trust establishment
framework for reliable data packet
delivery in manets. In SASN ’05:
Proceedings of the 3rd ACM *Santhoshkumar.H.P,
workshop on Security of ad hoc and
sensor networks, pages 1–10, New York, *M.Tech(CSE) ,K.B.N.C.E.,Gulbarga,
NY, USA, 2005. ACM Press. Affiliated to VTU, Belgaum,
Karnataka
[22]. R.Balakrishna,M.Murali Mohan Reddy
Dr.U.RajeswarRao,Dr.G.A.Ramachandra
, “Routing Misbehavior Detection in
MANET Using 2ACK”, in IEEE
Advanced Computing Conference,
Thapur University, Patala,2008.
[23]. R.Balakrishna, M.Murali Mohan
Reddy, Dr.U.Rajeswar Rao,
Dr.G.A.Ramachandra,” detection of
routing misbehavior in mobile ad hoc
networks using enhanced 2ack (e-
2ack)”,in IEEE Advanced Computing
Conference in at , Thapur
University, Patal,2008.
[24]. R.Balakrishna, Dr.U.Rajeswara Rao,
Dr.N.Geethanjali, “Secure Key Exchage
protocol for Credential Services”,
Published in Defence science Jounal
in May 2009.
[25]. R.Balakrishna, Dr.U.Rajeswara Rao,
Dr.N.Geethanjali “A secured
authenticated key exchange protocol for
1845 | P a g e