Int. J. Networking and Virtual Organisations, Vol. X, No. Y, xxxx 1
Copyright © 20XX Inderscience Enterprises Ltd.
Secure multipath routing and data transmission in
MANET
Banoth Rajkumar*
Department of Computer Science and Engineering,
JNTUH College of Engineering,
Hyderabad, India
Email: naaniraj@gmail.com
*Corresponding author
Gugulothu Narsimha
Department of Computer Science and Engineering,
JNTUH College of Engineering,
Nachupally, KarimNagar, India
Email: narsimha06@gmail.com
Abstract: In a mobile ad hoc network (MANET), providing security for a
multipath routing protocol and for data transmission over the multiple
routes is a challenging task. In this paper, we propose a secure
multipath routing and data transmission scheme in which RREQ packets are signed
using digital signatures (Vaidya and Lim, 2009) for route discovery. When the
destination receives the first RREQ packets from the node, it verifies
all the signatures and caches the route list by the session key of source node.
Then, it sends the RREP via the same path to the source node. If the signature is
verified, then the path will be accepted. At the source node, the message parts
are encrypted using session keys and hash function. Based on the trust level of
the nodes, secure routing can be performed. An algorithm is used to choose
an optimal secure routing path. The messages are then fragmented into four
parts and soft encrypted using XOR operations. Finally, the destination
node decrypts and recovers the original message. Simulation results show that
the proposed approach improves the packet delivery ratio with reduced
delay, packet drop, and resilience.
Keywords: ad-hoc on-demand distance vector; AODV; dynamic source
routing; DSR; secure, disjoint, multipath source routing; SDMSR; credit-based
systems; reputation-based systems.
Reference to this paper should be made as follows: Rajkumar, B. and
Narsimha, G. (xxxx) ‘Secure multipath routing and data transmission in
MANET’, Int. J. Networking and Virtual Organisations, Vol. X, No. Y,
pp.xxx–xxx.
Biographical notes: Banoth Rajkumar obtained his Bachelor’s in Computer
Science and Engineering from National Institute of Technology (NITH)
Hamirpur, Himachal Pradesh, India. Then, he obtained his Master’s in
Computer Science and Engineering and is pursuing his PhD in Computer Science
and Engineering on the topic ‘Authenticated route formation for securing ad
hoc networks – a security perspective’, both from Jawaharlal Nehru
Technological University Hyderabad, Andhra Pradesh, India. He has also
obtained CCNA-exploration qualifications. Currently, he is a Lecturer at the
College of Computing and Informatics, Haramaya University, Ethiopia. His
specialisations include computer networks, networking, mobile computing,
compiler design, design and analysis of algorithms, MANET and discrete
mathematics. His current research interests are MANET, public key
infrastructure, network security, and authentication server.
Gugulothu Narsimha received his BE in Electronics and Communication
Engineering from the University College of Engineering, Osmania University
Hyderabad, passed in 1996, MTech in Computer Science and Engineering from
the University College of Engineering, Osmania University Hyderabad, passed
in 1999, and PhD in Computer Science and Engineering from the University
College of Engineering, Osmania University Hyderabad. He has about ten
years and six months of teaching experience. Currently, he is an Assistant
Professor in the Computer Science and Engineering Department at JNTUH
College of Engineering, Nachupally. His research interests are in resource and
mobility management for wireless mesh networks, wireless sensor networks
and heterogeneous wireless networks.
1 Introduction
1.1 Background
Mobile ad hoc networks (MANETs) consist of a collection of wireless mobile nodes,
which can dynamically exchange data among themselves without the reliance on a
fixed-base station or a wired backbone network. MANET nodes are typically
distinguished by their limited power, processing, and memory resources as well as high
degree of mobility (Jaisankar and Saravanan, 2010). In MANET, several routing
protocols can be used, such as ad-hoc on-demand distance vector (AODV) and dynamic
source routing (DSR) (Vaidya and Lim, 2009).
However, the unreliability of the wireless medium and the dynamic topology due to
node mobility or failure result in frequent communication failures and high delay during
path re-establishments (Vaidya and Lim, 2009).
1.1.1 Multipath routing in MANET
In multipath routing, nodes have multiple paths to communicate within the transmission
range, thereby facilitating efficient connectivity between transmitters that may not be
within each other’s wireless range (Singh et al., 2014).
Multiple disjoint paths can exist between nodes; therefore, multipath routing can be
used to statistically enhance the confidentiality of messages exchanged between source
and destination nodes. Sending confidential data on a single path lets an attacker obtain
the whole data, whereas sending it in parts on different disjoint paths increases the
robustness of confidentiality because it is almost impossible to obtain all the parts of a
message divided and sent on multiple paths existing between the source and the
destination (Geetha and Sujatha, 2010).
A multipath routing protocol is a promising technique to overcome problems of
frequent topological changes and link instability, as the use of multiple paths could
diminish the effect of possible node and link failures. Thus, multipath ad hoc routing
protocols are deemed superior to single-path routing protocols as the former provide
robustness, increased reliability, less end-to-end delay, load-balancing, and security
(Singh et al., 2014).
MANETs are prone to numerous types of routing faults, including:
• transmission errors
• node failures
• link failures
• route breakages
• congested nodes or links.
However, the major disadvantage of multipath routing is that more collisions occur among
correlated routes, which degrades network performance, i.e., the packet delivery ratio
(Singh et al., 2014). In a MANET environment, the nodes may also be selfish and
malicious. Selfish nodes may drop packets, whereas malicious nodes
may launch passive or active attacks and decrease the reliability of the data transfer
(Koul et al., 2009; Johnson et al., 2007; Mavropodi et al., 2007).
1.1.2 Secure multipath routing in MANET
The presence of malicious nodes may cause serious message security concerns. Some of
these concerns are message confidentiality, message availability, and node
authentication. Owing to these issues associated with cooperative routing, providing
complete message security in MANETs is still a challenge (Liu et al., 2011; Ehrampoosh
and Mahani, 2011; Vaidya and Lim, 2009; Khaleel and Ahmed, 2012; Khalil and Bagchi,
2011).
The security systems offer authentication, confidentiality, integrity, and
non-repudiation. Here, the detection of a passive attack is very difficult because the operation of
the network itself is not affected. One solution to the problem is to use a powerful
encryption mechanism to encrypt the data being transmitted. An active attack, by contrast,
attempts to alter and destroy the data being exchanged in the network, thereby disrupting
the normal functioning of the network. Active attacks can be either internal or
external. External attacks are carried out by nodes that do not belong to the network,
whereas internal attacks are caused by compromised nodes that are part of the
network. Active attacks involve actions such as
impersonation, modification, fabrication, and replication. Both passive and active attacks
can be made on any layer of the network protocol stack (Geetha and Sujatha, 2010;
Tague et al., 2011; Bansal, 2013; Zakhary and Radenkovic, 2010; Zhao et al., 2010).
The active attack types are:
• resource consumption attack
• rushing attack
• black hole attack
• gray hole attack
• wormhole attack (Geetha and Sujatha, 2010).
Some of the multipath routing algorithms for enhancing data security are
multipath TCP security (MTS), secure multipath routing (SecMR) (Geetha and Sujatha,
2010), and secure, disjoint, multipath source routing (SDMSR), in which the source node
selects the available routes one by one systematically. MTS has a well number of sharing
nodes and the highest interruption ratio among all the other algorithms (Singh et al.,
2014).
Various techniques are used to secure the routing, such as:
1 credit-based systems – assign rewards in the form of credits to nodes that
successfully participate in the data forwarding process
2 reputation-based systems – use the nodes’ reputations as parameters of a reward
policy mechanism to compensate well-behaved nodes and to punish badly behaved
nodes
3 tit-for-tat (TFT) systems – use a TFT strategy to reward well-behaved nodes
4 cryptography-based systems – use encryption and/or hard cryptography techniques to
secure the data routing
5 multipath-based secured routing techniques – where the data before transmission is
broken into a number of packets, then encrypted before being routed separately in
the network following different available paths (using a conventional routing
scheme) (Woungang et al., 2012).
1.2 Problem identification and solution
In our first paper (Rajkumar and Narsimha, 2015), we have proposed a trust-based
light-weight authentication routing protocol in MANET in which a multipath route
discovery technique is used to select the path with maximum packet success ratio as an
optimal path for data transmission. For each node in the chosen path, global trust value is
estimated based on direct and indirect trust values of the node. If the trust value of any
node is below the threshold value, then it will be authenticated using the secret sharing
technique. This authentication technique can enhance the reliability, redundancy, and
network lifetime.
However, in Rajkumar and Narsimha (2015), route discovery is not performed
securely as the routing packets may be attacked. Hence, as an extension to the previous
works, we propose a SecMR and transmission technique for MANET. The main
objective of this work is to provide security not only for the multipath routing protocol
but also for data transmission using these multiple routes.
The rest of this paper is organised as follows: Section 2 presents existing work related
to the proposed framework. Section 3 describes a framework for SecMR and data
transmission over MANET. Section 4 depicts a performance evaluation of the proposed
framework. Section 5 provides the conclusions of the paper.
2 Literature review
Vaidya and Lim (2009) have proposed a secure and reliable framework for multimedia
streaming over multipath MANET that provides security for both the ad hoc routing and
for real-time data transfer. This framework is designed based on source routing such as
DSR and has three basic operations, namely, route discovery, data forwarding and route
maintenance. In addition, the communication between source and destination uses
bidirectional communication on each link. However, when the number of malicious
nodes increases, the overload of packet transmission will be high.
Liu et al. (2011) have proposed a method for providing message security in MANET
when nodes cooperate in routing. This approach combines a trust-based multipath routing
scheme and a real-time recurrent neural network–based cipher to deal with the issues
underlying message confidentiality, integrity, and access control. The security approach
uses TR-RRNN scheme for implementation and to find the secured routes. However, if
there is no secured route, then the algorithm will wait for another route. During this time
interval, messages will fail to be delivered.
Athreya and Tague (2011) have proposed a routing mechanism that uses cross-layer
strategies that involve incorporating feedback and information from layers below the
network layer to make decisions at the network layer. RSSI measurements are used in the
physical layer to define node neighbourhood; ETX measurement from the link layer and
node forwarding behaviour from network layer are used to study path reliability via a
utility function. In addition, a path evaluation mechanism is performed for the paths
returned by the multipath routing mechanism. However, the black holing cannot be
avoided during the network bootstrapping phase.
Huang et al. (2011) have proposed a message security approach in MANETs that uses
a trust-based multipath AOMDV routing combined with soft encryption, so-called
T-AOMDV scheme. Moreover, fuzzy multilevel security provided a way to
compute a quantified estimate of risk associated with a subject. The trust mechanism
promotes the idea of identifying malicious nodes through packet monitoring and node
actions. However, if the trust value is not appropriate, the chosen path will not be secure
for transferring entire data and the process will be restarted.
Woungang et al. (2012) have proposed an enhanced trust-based multipath DSR
protocol to securely transmit messages in MANETs. This method consists of
soft-encryption, trust management strategy, and multipath DSR routing. Here, a history of
interactions module stores the records of the interactions between nodes in a suitable
data structure. Trust computation takes place before each interaction occurring between
nodes.
Chen and Wu (2009) have proposed a SecMR scheme based on modified secret
sharing as an effective mechanism to protect data confidentiality and simultaneously
enhance data delivery rate in MANET. The scheme is based on multipath route finding
algorithm, modified secret sharing scheme, cryptography, and optimisation technology to
detect active attacks and control the passive attacks. The message compromising
probability and message delivery rate are used to evaluate the performance and security in
different routing.
3 Proposed work
3.1 Overview
In this paper, we propose SecMR and data transmission in MANET, in which a
trust-based light-weight authentication routing protocol enables the selection of routes
using RREQ and RREP. After that, confidentiality and integrity are provided to the
messages using light-weight techniques. Digital signatures are included along with
RREQ messages so that the destination can verify the signatures to increase
security. Then, a trust-defined strategy is defined that depicts the characteristics of a node
based on different trust levels. Based on the path length and the trust value of each node, secure
route discovery is performed. After route discovery, data transmission is initiated.
During transmission, soft encryption and XOR operations are used to encrypt the
messages. On receiving the message, the destination node decrypts and recovers the
original message.
Figure 1 Block diagram of the proposed protocol (see online version for colours)
[Figure not reproduced. Labels: route request phase, data transmission phase, source node, intermediate nodes, destination node, RREQ/RREP, digital signature, data packet, soft encryption, XOR function.]
3.2 Multipath route discovery
The discovery of multiple disjoint paths depends on ad hoc on-demand multipath distance
vector (AOMDV) routing (Ehrampoosh and Mahani, 2011). Initially, packet success rate
was estimated based on the random variables and variance at time describing the in
progress success rate of data packet. These variables were modelled as the beta random
variable.
The route discovery process is performed as follows:
1 Before transmitting data packet to destination D, the source node S verifies its route
cache for path availability.
2 If there is a path, then S will consider the available path for data transmission.
3 Else, S broadcasts route request (RREQ) packet towards D through the intermediate
nodes (Ni).
4 On receiving RREQ, Ni updates the route cache about the source, sequence number,
destination, previous hop node, and packet success rate in a routing table.
5 Ni then either re-broadcasts the RREQ to its neighbours or sends the route reply
(RREP), if the node is D. This process is repeated till RREQ reaches D.
6 Once D receives RREQ, for every received RREQ, the RREP packet is unicasted in
the reverse path towards the source.
7 Every Ni on receiving RREP updates its cache for the next-hop of the RREP and then
unicasts this RREP in the reverse path using the earlier stored previous-hop node
information. This step is repeated till RREP reaches S.
8 S then computes end-to-end packet success rate of the path based on the collected
information from RREP.
9 S chooses an optimal path with high packet success rate as a primary path. This
optimal path is used for data transmission between S and D. The path with the next
higher level of packet success rate is chosen as the backup path (alternate path).
3.3 Signing of RREQ packets
After route discovery, we extend the intermediate node’s routing table with a list of the most
recent RREQs received for any source-destination pair and the intermediate nodes for the
request, in addition to the source and destination ID, sequence number, previous hop ID, and
packet success rate (Vaidya and Lim, 2009).
Table 1 Format of routing table
Source ID | Sequence number | Destination ID | Previous hop node ID | Packet success rate | Recent most RREQ received
3.3.1 Route request phase
When an arrived packet consists of a list of intermediate nodes that is a superset of items
in the routing table, the packet is discarded. Otherwise, the node adds its own entry into
the packet and rebroadcasts it.
In Figure 2, an intermediate node a receives RREQ directly from source S. When
intermediate node a receives the same RREQ from node b, a discards it. On receiving
RREQ, node a appends its address to the route list, self-certifies it and rebroadcasts
it.
Similarly, node d receives RREQ from nodes a and b and discards those from e. Once
node d receives RREQ from node a, it verifies its self-certificate SCera. If it is valid, node
d removes the signature of node a, signs the RREQ message with its Kd, and replaces SCera
with its SCerd. Then, it appends its address to the route list and rebroadcasts it.
Figure 2 Route discovery (see online version for colours)
[Figure not reproduced. Nodes shown: S, D, a, b, c, d, e, f, g, h, i. Legend: RREQ traversal; source and destination nodes; denied RREQ route; intermediate nodes.]
Table 2 Notations used in multipath route discovery and data transfer
Notation | Description
Sq | Unique ID assigned by S to RREQ
SignKX−(M) | Message M digitally signed by node X
sCertX | Self-certificate generated by node X
NS | Nonce by S
SKS, SKD | Session keys generated by S and D
N | Sequence number
EKX+(M) | Encryption of message M with KX+
DKX−(M) | Decryption of message M with KX−
prhI | Previous hop node ID
PSR | Packet success rate
Route request process:
$$S \Rightarrow * : \left\langle \mathrm{SignK}_{S}^{-}(\mathrm{REQ}, S, D, Sq, prhI, PSR),\ routelist,\ E_{K_D^{+}}(N_S, SK_S),\ sCert_S \right\rangle$$
$$a \Rightarrow * : \left\langle \mathrm{SignK}_{a}^{-}\big(\mathrm{SignK}_{S}^{-}(\mathrm{REQ}, S, D, Sq, prhI, PSR),\ routelist,\ E_{K_D^{+}}(N_S, SK_S)\big),\ sCert_S,\ sCert_a \right\rangle$$
$$d \Rightarrow * : \left\langle \mathrm{SignK}_{d}^{-}\big(\mathrm{SignK}_{S}^{-}(\mathrm{REQ}, S, D, Sq, prhI, PSR),\ routelist,\ E_{K_D^{+}}(N_S, SK_S)\big),\ sCert_S,\ sCert_d \right\rangle$$
$$g \Rightarrow * : \left\langle \mathrm{SignK}_{g}^{-}\big(\mathrm{SignK}_{S}^{-}(\mathrm{REQ}, S, D, Sq, prhI, PSR),\ routelist,\ E_{K_D^{+}}(N_S, SK_S)\big),\ sCert_S,\ sCert_g \right\rangle$$
3.3.2 Route reply phase
On reception of RREQ from its neighbour nodes, the destination D discovers multiple
paths – primary path and node disjoint paths from all the received routes. On the first
RREQ reception, the destination verifies all the signatures and caches the route list. It
decrypts and stores the session key from S and generates a route reply (RREP) packet. The RREP
consists of the same accumulated route as the RREQ, a digital signature of D on the entire
message, and the encrypted session key (SKD).
The RREP is then sent back on the reverse route as given by the accumulated route in
the RREQ. Each intermediate node on the reverse route verifies its identifier as well as
the predecessor and successor nodes’ identifiers in the accumulated route. If both tests are
valid, the intermediate node signs the RREP and passes it to the next node in the path.
Consequently, the RREP reaches the source node. This node verifies whether it received
the message from its neighbour and if this neighbour is the first node on the path. The
path is then accepted to be valid if all the signatures are verified. It also decrypts and
stores the session key from destination.
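Route reply process:
$$D \Rightarrow g : \left\langle \mathrm{SignK}_{D}^{-}(\mathrm{REP}, S, D, Sq, N_S, prhI, PSR, routelist),\ E_{K_S^{+}}(SK_D),\ sCert_D \right\rangle$$
$$g \Rightarrow d : \left\langle \mathrm{SignK}_{g}^{-}\big(\mathrm{SignK}_{D}^{-}(\mathrm{REP}, S, D, Sq, N_S, prhI, PSR, routelist),\ E_{K_S^{+}}(SK_D)\big),\ sCert_D,\ sCert_g \right\rangle$$
$$d \Rightarrow a : \left\langle \mathrm{SignK}_{d}^{-}\big(\mathrm{SignK}_{D}^{-}(\mathrm{REP}, S, D, Sq, N_S, prhI, PSR, routelist),\ E_{K_S^{+}}(SK_D)\big),\ sCert_D,\ sCert_d \right\rangle$$
$$a \Rightarrow S : \left\langle \mathrm{SignK}_{a}^{-}\big(\mathrm{SignK}_{D}^{-}(\mathrm{REP}, S, D, Sq, N_S, prhI, PSR, routelist),\ E_{K_S^{+}}(SK_D)\big),\ sCert_D,\ sCert_a \right\rangle$$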
If the destination receives a duplicate RREQ, it compares the route path of the RREQ with its
route cache. A path is node-disjoint only when the source and destination nodes are the only
nodes it shares with the cached path; otherwise, the destination discards the RREQ.
Routing paths are selected from the set of paths using a trust-defined strategy.
3.4 Trust model
The trust model of our first work (Rajkumar and Narsimha, 2015) estimates the direct
(DTij) and indirect (IDTij) trust values of each node using the EigenTrust algorithm. Then,
a resolver is employed to estimate the global trust value of the node. The direct reputation
(DTij) of a node is calculated from the previous trust value of its neighbour node and the
recent satisfaction index (RSI). Each node periodically computes its connectivity rating
(the RSI) with each of its direct neighbour nodes. The indirect trust
value (IDTij) is estimated from the aggregated trust reports received and processed by
Ni about Nj.
A resolver is employed to compute the resultant global trust value (GTij) of the node
based on the direct and indirect trust values. It also executes trust noise cancellation
mechanism for eliminating trust noise. Each node Ni monitors the trust values (GTij) of its
neighbour nodes within its transmission range. Then it collects the trust values from the
monitored nodes and exchanges the collected information with its neighbouring nodes.
After the information exchange, if any node finds that the trust value of monitored node
is below threshold, then the node is subjected to authentication.
3.4.1 Trust-defined strategy
Now, we define the trust-defined strategy to secure routing where a node with a trust
level of x is given at most x parts of the packet to forward. This limits the possibility of
using a brute force decryption of the message. For instance, if four trust levels (trust 1–4)
are assigned to nodes excluding no trust and complete distrusts (trust level of 0 and −1),
the message would be divided into four parts (Narula et al., 2008). Therefore
1 If trust level = 4
A node with a trust level of 4 can read the message; therefore, the nodes which are
certified to be completely safe only are given the right to read the full message.
These might include nodes which are directly visible in case of military applications
or nodes whose keys have been exchanged securely.
2 If trust level = 3
A node with a trust level of 3 can surely find out $2^n$ possible messages of which one
would be correct, where n is the number of bits used for encryption.
For example, if a 32-bit message is sent as four eight-bit messages, then a node
with trust level 3 would receive 3 bytes. Considering that the remaining byte out of
256 possibilities can be obtained through a brute force search, such a node can find the
entire message.
3 If trust level = 2
A node with a trust level of 2 can be sure of finding $2^8 \times 2^8$ possible messages with
a similar process.
4 If trust level = 1
Similarly, a node with a trust level of 1 can be sure of finding $2^8 \times 2^8 \times 2^8$ possible
messages.
5 If trust level = 0
A node with a trust level of zero is not given any part of the message. These nodes
may either act as sinks that do not forward any message or be nodes that mangle the
messages before forwarding.
6 If trust level = −1
A node with a trust level of −1 is a certified malicious node. All packets received
from this kind of node are dropped immediately. Measures are taken to limit any
promiscuous access of message parts by this node.
Therefore, with the reduction in trust level, the probability of comprehending the entire
message decreases by a factor of $2^n$.
3.5 Secure route selection model
Once a new path is discovered and the trust levels of the nodes involved are available, a
secure route is chosen. The routes are selected using a greedy approach on the basis of
path length, such that a node with a trust level T does not get more than T packets on the
route.
Secure routes are selected from a set of given routes in the following manner:
1 Whenever a new route is found, the routes are rearranged in the increasing order of
hop counts. Hence, the chosen route set consists of the smallest possible routes that
can securely route the message without causing large overheads associated with the
multipath routing.
2 The first route is selected, and the maximum number of parts of the message that
can be routed via it is assumed to be routed. Note that no actual routing is done at
this step.
3 The next route is selected, and the maximum number of parts of the message that
can be routed via it is assumed to be routed. If all the parts of the message can be
routed securely, the actual routing is done over the selected paths.
4 This process is repeated until the secured routes are found.
5 If no secured routes are found, the algorithm is repeated by starting at step 2, by
selecting the second route as the first route.
6 This algorithm is repeated until all combinations of routes have been exhausted.
7 If no secured route is found, the algorithm waits for another route.
8 If all routes have been found or a specific time interval has been surpassed, the
algorithm is assumed to have failed and a failure message is displayed.
The secure routes are selected using the following algorithm
(Woungang et al., 2012):
Arrange the paths P = {P1, P2, …, Pn} in increasing order of path length
Initialise count Ci = 0 for all nodes
Select the smallest path from P
{
    Select next smallest path
    if (for all selected nodes i, Ci ≤ Ti)
    {   // Here, Ti is the trust value of node i calculated in previous paper
        if (four paths are selected)
            exit the loop;
        else continue;
    }
    if (all paths are exhausted)
        wait for another path
}
if (no paths left)
    Print (‘it is not possible to route the message securely’)
These routes may or may not be disjoint, so more routes can be generated this way.
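One way to implement steps 1 to 5 of the selection procedure, as an added example that is not code from the paper or from Woungang et al.: each route tentatively carries as many parts as the least-trusted intermediate node on it may still see, and the search restarts from each later route in turn rather than enumerating every combination. The node names, routes, trust values and function names are constructed assumptions.

```python
# Added example (not the paper's code): greedy, trust-bounded route selection.
# Node names, routes and trust values below are constructed for illustration.

PARTS = 4  # the message is split into four parts (Section 3.4.1)


def capacity(route, trust, load):
    """Parts this route can still carry without any intermediate node i
    seeing more than T_i parts. Unknown nodes and trust <= 0 count as 0."""
    hops = route[1:-1]                      # source and destination excluded
    if not hops:
        return PARTS                        # direct link, no intermediate node
    return min(max(trust.get(n, 0), 0) - load.get(n, 0) for n in hops)


def select_routes(routes, trust, parts=PARTS):
    """Return [(route, parts_assigned), ...], or None when the parts cannot
    all be placed. Assignment stays tentative until every part has a route."""
    ordered = sorted(routes, key=len)       # step 1: increasing hop count
    for start in range(len(ordered)):       # step 5: restart from the next route
        load, plan, remaining = {}, [], parts
        for route in ordered[start:]:       # steps 2-4: tentative assignment
            k = min(capacity(route, trust, load), remaining)
            if k <= 0:
                continue                    # would exceed some node's trust level
            for n in route[1:-1]:
                load[n] = load.get(n, 0) + k
            plan.append((route, k))
            remaining -= k
            if remaining == 0:
                return plan                 # every part placed: route for real
    return None                             # steps 7-8: wait for a route or fail


def node_load(plan):
    """Number of message parts each intermediate node sees under a plan."""
    load = {}
    for route, k in plan:
        for n in route[1:-1]:
            load[n] = load.get(n, 0) + k
    return load


# Constructed sample: the shortest route S-a-b-D uses up the single part that
# a and b may see, which blocks the two routes through a and b.
TRUST = {"a": 1, "b": 1, "c": 3, "d": 3, "e": 4, "f": 4, "g": 2, "h": 4, "i": 2}
ROUTES = [
    ["S", "a", "c", "e", "D"],
    ["S", "b", "d", "f", "D"],
    ["S", "g", "h", "i", "D"],
    ["S", "a", "b", "D"],
]

if __name__ == "__main__":
    plan = select_routes(ROUTES, TRUST)
    for route, k in plan:
        print(k, "part(s) via", "-".join(route))
    print("parts seen per node:", node_load(plan))
    # With g certified malicious (trust -1) only two parts can be placed.
    print("g malicious:", select_routes(ROUTES, dict(TRUST, g=-1)))
```

Starting from the shortest route places only three of the four parts here, so the plan that is returned comes from the restart that skips it.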
3.6 Route maintenance
If a route breakage occurs due to node mobility, the neighbour of the node will send a
route error to the source. Consequently, the source will discard that route from the routing
table. If the source has another path to the destination, it can use it. When the source has
no entry for the destination and the session is still active, it would initiate a new route
discovery. This scheme uses digital signature along with a nonce in route error messages
to authenticate the packet and ensure freshness (Vaidya and Lim, 2009).
3.7 Message encryption and routing
After finding an optimal route, we can transmit data. In the data transmission phase, we
divide a 4n-bit message into four parts of n bits each (Narula et al., 2008). Let $m_1$, $m_2$,
$m_3$, $m_4$ be these parts. We define the bit operation XOR on bit vectors r and s as follows:
If $r = \{r_1, r_2, r_3, \ldots, r_n\}$ and $s = \{s_1, s_2, s_3, \ldots, s_n\}$ then
$$s \;\mathrm{XOR}\; r = \{r_1 \;\mathrm{XOR}\; s_1,\ r_2 \;\mathrm{XOR}\; s_2,\ r_3 \;\mathrm{XOR}\; s_3,\ \ldots,\ r_n \;\mathrm{XOR}\; s_n\}$$
The aforementioned parts $m_1$, $m_2$, $m_3$ and $m_4$ are then soft encrypted using the
following equations:
$$m_1' = m_1 \;\mathrm{XOR}\; m_3 \tag{1}$$
$$m_2' = m_2 \;\mathrm{XOR}\; m_4 \tag{2}$$
$$m_3' = m_3 \;\mathrm{XOR}\; m_2 \tag{3}$$
$$m_4' = m_4 \;\mathrm{XOR}\; m_1 \;\mathrm{XOR}\; m_2 \tag{4}$$
The parts $m_1'$, $m_2'$, $m_3'$ and $m_4'$ are now routed instead of $m_1$, $m_2$, $m_3$ and $m_4$, respectively.
A node waits for intermediate multiple paths to the destination.
At the destination node, the message parts can be decrypted using the following
equations:
$$m_1 = m_2' \;\mathrm{XOR}\; m_4' \tag{5}$$
$$m_2 = m_1' \;\mathrm{XOR}\; m_2' \;\mathrm{XOR}\; m_3' \;\mathrm{XOR}\; m_4' \tag{6}$$
$$m_3 = m_1' \;\mathrm{XOR}\; m_2' \;\mathrm{XOR}\; m_4' \tag{7}$$
$$m_4 = m_1' \;\mathrm{XOR}\; m_3' \;\mathrm{XOR}\; m_4' \tag{8}$$
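Equations (1) to (8) as an added worked example (not code from the paper): it soft encrypts and recovers a constructed sample message, and also computes which plaintext parts a node holding a given subset of encrypted parts can recover exactly, which is the exposure the trust-defined strategy of Section 3.4.1 is meant to bound. The function names, the sample message and the zero padding are assumptions.

```python
# Added example (not the paper's code): equations (1)-(8) on a constructed message.
from itertools import combinations


def xor(*blocks):
    """Bytewise XOR of equal-length byte strings."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def split4(message):
    """Split a message into m1..m4 of equal length (zero padding is an assumption)."""
    n = -(-len(message) // 4)               # ceil(len / 4) bytes per part
    padded = message.ljust(4 * n, b"\x00")
    return [padded[i * n:(i + 1) * n] for i in range(4)]


def soft_encrypt(parts):
    """Equations (1)-(4): returns [m1', m2', m3', m4']."""
    m1, m2, m3, m4 = parts
    return [xor(m1, m3), xor(m2, m4), xor(m3, m2), xor(m4, m1, m2)]


def soft_decrypt(enc):
    """Equations (5)-(8): returns [m1, m2, m3, m4]."""
    c1, c2, c3, c4 = enc
    return [xor(c2, c4), xor(c1, c2, c3, c4), xor(c1, c2, c4), xor(c1, c3, c4)]


# Each encrypted part as a bitmask over (m1, m2, m3, m4): bit i-1 set means
# m_i is XORed into that part, read directly from equations (1)-(4).
MASKS = {1: 0b0101, 2: 0b1010, 3: 0b0110, 4: 0b1011}


def leaked_parts(held):
    """Plaintext part numbers that a holder of the encrypted parts in `held`
    can recover exactly by XORing some of them together."""
    leaked = set()
    held = sorted(held)
    for r in range(1, len(held) + 1):
        for combo in combinations(held, r):
            mask = 0
            for j in combo:
                mask ^= MASKS[j]
            if bin(mask).count("1") == 1:   # collapses to a single m_i
                leaked.add(mask.bit_length())
    return leaked


if __name__ == "__main__":
    message = b"hello MANET node"           # constructed 16-byte sample
    parts = split4(message)
    enc = soft_encrypt(parts)
    print("recovered:", b"".join(soft_decrypt(enc)))
    # Exposure per subset of encrypted parts held by one node.
    for r in range(1, 5):
        for held in combinations((1, 2, 3, 4), r):
            print("holds", held, "-> recovers m", sorted(leaked_parts(set(held))))
```

A single encrypted part reveals no plaintext part, but a node that sees both $m_2'$ and $m_4'$ recovers $m_1$ by equation (5), so which parts share a route matters as much as how many do.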
Overall algorithm
1 Route discovery phase with RREQ and RREP is accompanied with digital signature
to increase the security of the system.
2 RREQ/RREP signature is accomplished by self-certificates and session keys.
3 Then, we provide secure route selection model based on the path length and trust
value of node.
4 After the route discovery, we provide data transmission phase.
5 In the data transmission phase, we encrypt data using soft encryption and
XOR operations.
6 The destination node on receiving the message will decrypt and recover the original
message.
4 Simulation results
4.1 Simulation setup
The performance of the secure multipath routing and data transmission (SMRDT) is
evaluated through NS2 (Network Simulator, http://www.isi.edu/nsnam/ns) simulation.
A random network deployed in an area of 1,000 × 1,000 m is considered. The node
speed is varied as 5, 10, 15, 20 and 25 m/s. Initially, the nodes are placed randomly in the
specified area. The simulated traffic is CBR with UDP source and sink.
Table 3 Simulation parameters
Parameter | Value
No. of nodes | 50
Area size | 1,000 × 1,000
Mac | 802.11
Simulation time | 50 sec
Traffic source | CBR
Packet size | 512
Attackers | 2, 4, 6, 8 and 10
Rate | 250 Kb
Propagation model | Two ray ground
Antenna type | Omni antenna
Speed | 5, 10, 15, 20 and 25 m/s
4.2 Performance metrics
The proposed SMRDT protocol is compared with multi-path trust-based secure AOMDV
(T-AOMDV) protocol (Huang et al., 2011). The performance is evaluated mainly,
according to the following metrics.
• packet delivery ratio: it is the ratio of the number of packets received successfully
and the total number of packets transmitted
• average drop: it is the number of packets dropped during the data transmission
• fraction of compromised communications: it is given by the ratio of number of
packets affected or altered by the attackers to the number of packets transmitted
• detection accuracy: it is given by the ratio of number of attacks detected successfully
to the number of attack attempts.
4.3 Results
4.3.1 Varying the attackers
Initially, the external attackers performing unauthenticated access and packets alteration
are launched and varied from two to ten.
Figure 3 Attackers vs. detection accuracy (see online version for colours)
[Plot not reproduced. Title: Detection Accuracy; x-axis: Attackers; y-axis: Accuracy (%); series: SMRDT, TAOMDV.]
Figure 3 shows the detection accuracy of both SMRDT and TAOMDV protocols, when
the attackers are increased. From the figure it can be seen that, accuracy decreases from
96% to 82% for SMRDT and 78% to 71% for TAOMDV, as the attackers are increased.
However, SMRDT outperforms TAOMDV by obtaining 14% higher accuracy, since
TAOMDV does not detect attacks related to integrity.
Figure 4 Attackers vs. delivery ratio (see online version for colours)
[Plot not reproduced. Title: Packet Delivery Ratio; x-axis: Attackers; y-axis: Delivery ratio; series: SMRDT, TAOMDV.]
Figure 5 Attackers vs. packet drop (see online version for colours)
[Plot not reproduced. Title: Average Packet Drop; x-axis: Attackers; y-axis: Drop (pkts); series: SMRDT, TAOMDV.]
Figures 4 and 5 show the packet delivery ratio and packet drop of the SMRDT and
TAOMDV protocols as the number of attackers is increased. The figures show
that an increase in the number of attackers results in an increase in packet drop and a
decrease in delivery ratio. As SMRDT protects against packet drops due to attacks as well
as due to route disconnections, it has 61% lower drop and 40% higher delivery ratio than TAOMDV.
Figure 6 Attackers vs. resilience (see online version for colours)
[Plot: Fraction of Compromised Communications; x-axis: Attackers (2 to 10); y-axis: Fraction (%); series: SMRDT, TAOMDV]
Figure 6 shows the fraction of compromised communications of SMRDT and
TAOMDV, in percentages, as the number of attackers is increased. It can be seen that an
increase in the number of attackers results in more affected communications. As SMRDT
provides strong integrity and trust, the compromised communications are reduced by 38%
when compared to TAOMDV.
4.3.2 Varying the node speed
Next, the node speed is varied as 5, 10, 15, 20 and 25 m/s, keeping the number of attackers at 2.
Figures 7 and 8 show the packet delivery ratio and packet drop of the SMRDT and
TAOMDV protocols as the speed is increased. The figures show that an
increase in node speed results in an increase in packet drop and a slight decrease in delivery
ratio, due to route disconnections. As SMRDT protects against packet drops due to attacks as
well as due to route disconnections, it has 85% lower drop and 70% higher delivery ratio than
TAOMDV.
Figure 7 Attackers vs. delivery ratio (see online version for colours)
[Plot: Packet Delivery Ratio; x-axis: Speed (m/s) (5 to 25); y-axis: Delivery ratio; series: SMRDT, TAOMDV]
Figure 8 Attackers vs. drop (see online version for colours)
[Plot: Average Packet Drop; x-axis: Speed (m/s) (5 to 25); y-axis: Drop (pkts); series: SMRDT, TAOMDV]
5 Conclusions
In this paper, we proposed a secure multipath routing and data transmission scheme for MANET
in which digital signatures are included along with RREQ messages to increase
security, so that the signatures are verified by the destination nodes. Then, secure route
discovery is performed based on the path length and the trust value of each node. After route
discovery, data transmission is initiated. During data transmission, soft encryption and
XOR operations are performed. On receiving the message, the destination node
decrypts it and recovers the original message. Simulation results show that the proposed
approach can improve the packet delivery ratio with reduced delay, packet drop, and
resilience. In future, the proposed approach will be extended by comparing it with several
existing secure routing protocols.
References
Athreya, A.P. and Tague, P. (2011) ‘Towards secure multi-path routing for wireless mobile ad-hoc
networks: a cross-layer strategy’, 8th Annual IEEE Communications Society Conference on
Sensor, Mesh and Ad Hoc Communications and Networks, June, pp.146–148, ISSN: 2155-5486.
Bansal, D. (2013) ‘Design of 50 Hz notch filter circuits for better detection of online ECG’, Int. J.
Biomedical Engineering and Technology, (IJBET), Vol. 13, No. 1, pp.30–48.
Chen, S. and Wu, M. (2009) ‘Secure multipath routing based on secret sharing in mobile ad hoc
networks’, IEEE International Conference on Network Infrastructure and Digital Content,
November, pp.539–542.
Ehrampoosh, S. and Mahani, A. (2011) ‘Secure routing protocol: affection on MANETs
performance’, International Journal of Communications and Information Technology, IJCIT,
December, Vol. 1, No. 1.
Geetha, S. and Sujatha, S. (2010) ‘Increase the performance and enhancing secure authenticated
multi path encrypted protocol in MANET’, IEEE International Conference on Computational
Intelligence and Computing Research, December, pp.1–7.
Huang, J-W., Woungang, I., Chao, H-C., Obaidat, M-S., Chi, T-Y. and Dhurandher, S.K. (2011)
‘Multi-path trust-based secure AOMDV routing in ad hoc networks’, IEEE Global
Telecommunications Conference, December, pp.1–5.
Jaisankar, N. and Saravanan, R. (2010) ‘An extended AODV protocol for multipath routing in
MANETs’, IACSIT International Journal of Engineering and Technology, August, Vol. 2,
No. 4, pp.394–400, ISSN: 1793-8236.
Johnson, D. et al. (2007) The Dynamic Source Routing Protocol (DSR) for Mobile Ad Hoc
Networks for IPv4, IETF RFC 4728.
Khaleel, T.A. and Ahmed, M.Y. (2012) ‘The enhancement of routing security in mobile ad-hoc
networks’, International Journal of Computer Applications (0975-888), June, Vol. 48, No. 16,
pp.41–48.
Khalil, I. and Bagchi, S. (2011) ‘Stealthy attacks in wireless ad hoc networks: detection
and countermeasure’, IEEE Transactions on Mobile Computing, August, Vol. 10, No. 8,
pp.1096–1112.
Koul, A., Patel, R.B. and Bhat, V.K. (2009) ‘Double split based secure multipath routing in ad hoc
networks’, International Conference on Advances in Recent Technologies in Communication
and Computing, October, pp.835–839.
Liu, C-Y., Woungang, I., Chao, H-C., Dhurandher, S-K., Chi, T-Y. and Obaidat, M.S. (2011)
‘Message security in multi-path ad hoc networks using a neural network-based cipher’, IEEE
Global Telecommunications Conference, December, pp.1–5, ISSN: 1930-529X.
Mavropodi, R. et al. (2007) ‘SecMR – a secure multipath routing protocol for ad hoc networks’,
Elsevier Ad Hoc Networks, Vol. 5, No. 1, pp.87–99.
Narula, P., Dhurandher, S.K., Misra, S. and Woungang, I. (2008) ‘Security in mobile
ad-hoc networks using soft encryption and trust-based multi-path routing’, Computer
Communications, Vol. 31, No. 4, pp.760–769.
Network Simulator [online] http://www.isi.edu/nsnam/ns.
Rajkumar, B. and Narsimha, G. (2015) ‘Trust-based light weight authentication routing protocol for
MANET’, Int. J. Mobile Network Design and Innovation, Vol. 6, No. 1, pp.31–39.
Singh, D., Sharma, B.K. and Kumar, A. (2014) ‘A survey on challenges in multipath routing for
adhoc networks’, International Journal of Emerging Technology and Advanced Engineering,
February, Vol. 4, No. 1, pp.376–381, ISSN 2250-2459.
Tague, P., Nabar, S., Ritcey, J.A. and Poovendran, R. (2011) ‘Jamming-aware traffic allocation for
multiple-path routing using portfolio selection’, IEEE/ACM Transactions on Networking,
February, Vol. 19, No. 1, pp.184–194.
Vaidya, B. and Lim, H. (2009) ‘Secure framework for multipath multimedia streaming over
wireless ad hoc network’, IEEE Wireless Communications and Networking Conference, April,
pp.1–6, ISSN: 1525-3511.
Woungang, I., Obaidat, M.S., Dhurandher, S.K., Chao, H-C. and Liu, C. (2012) ‘Trust-enhanced
message security protocol for mobile ad hoc networks’, IEEE International Conference on
Communications, June, pp.988–992, ISSN: 1550-3607.
Zakhary, S.R. and Radenkovic, M. (2010) ‘Reputation-based security protocol for MANETs in
highly mobile disconnection-prone environments’, IEEE/IFIP WONS 2010 – The Seventh
International Conference on Wireless On-demand Network Systems and Services.
Zhao, Z., Hu, H., Ahn, G-J. and Wu, R. (2010) ‘Risk-aware response for mitigating MANET
routing attacks’, Global Telecommunications Conference (GLOBECOM 2010), December,
pp.1–6, ISSN: 1930-529X.

More Related Content

What's hot

CLBNSRM - CONFIDENCE LEVEL BASED UNBLEND NEIGHBOR SELECTION &BLEND NODE REPOR...
CLBNSRM - CONFIDENCE LEVEL BASED UNBLEND NEIGHBOR SELECTION &BLEND NODE REPOR...CLBNSRM - CONFIDENCE LEVEL BASED UNBLEND NEIGHBOR SELECTION &BLEND NODE REPOR...
CLBNSRM - CONFIDENCE LEVEL BASED UNBLEND NEIGHBOR SELECTION &BLEND NODE REPOR...
IJCNCJournal
 
TRUST MANAGEMENT FOR DELAY TOLERANT NETWORK
TRUST MANAGEMENT FOR DELAY TOLERANT NETWORKTRUST MANAGEMENT FOR DELAY TOLERANT NETWORK
TRUST MANAGEMENT FOR DELAY TOLERANT NETWORK
IAEME Publication
 
Ijarcet vol-2-issue-3-875-880
Ijarcet vol-2-issue-3-875-880Ijarcet vol-2-issue-3-875-880
Ijarcet vol-2-issue-3-875-880Editor IJARCET
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)
ijceronline
 
A Novel Approach To Detect Trustworthy Nodes Using Audit Based Scheme For WSN
A Novel Approach To Detect Trustworthy Nodes Using Audit Based Scheme For WSNA Novel Approach To Detect Trustworthy Nodes Using Audit Based Scheme For WSN
A Novel Approach To Detect Trustworthy Nodes Using Audit Based Scheme For WSN
IJERDJOURNAL
 
D1802032026
D1802032026D1802032026
D1802032026
IOSR Journals
 
Ds35676681
Ds35676681Ds35676681
Ds35676681
IJERA Editor
 
An Efficient DTN Routing Algorithm for Automatic Crime Information Sharing fo...
An Efficient DTN Routing Algorithm for Automatic Crime Information Sharing fo...An Efficient DTN Routing Algorithm for Automatic Crime Information Sharing fo...
An Efficient DTN Routing Algorithm for Automatic Crime Information Sharing fo...
IJSRD
 
Secure Multicast Communication using Behavioural Measurement Technique in MANET
Secure Multicast Communication using Behavioural Measurement Technique in MANET Secure Multicast Communication using Behavioural Measurement Technique in MANET
Secure Multicast Communication using Behavioural Measurement Technique in MANET
Editor Jacotech
 
Privacy Preserving and Detection Techniques for Malicious Packet Dropping in ...
Privacy Preserving and Detection Techniques for Malicious Packet Dropping in ...Privacy Preserving and Detection Techniques for Malicious Packet Dropping in ...
Privacy Preserving and Detection Techniques for Malicious Packet Dropping in ...
IRJET Journal
 
Secure routing proposals in manets a review
Secure routing proposals in manets a reviewSecure routing proposals in manets a review
Secure routing proposals in manets a review
ijfcstjournal
 
PERFORMANCE ANALYSIS OF ROUTING PROTOCOLS IN MANET UNDER MALICIOUS ATTACKS
PERFORMANCE ANALYSIS OF ROUTING PROTOCOLS IN MANET UNDER MALICIOUS ATTACKSPERFORMANCE ANALYSIS OF ROUTING PROTOCOLS IN MANET UNDER MALICIOUS ATTACKS
PERFORMANCE ANALYSIS OF ROUTING PROTOCOLS IN MANET UNDER MALICIOUS ATTACKS
IJNSA Journal
 
A Novel Approach for Detection of Routes with Misbehaving Nodes in MANETs
A Novel Approach for Detection of Routes with Misbehaving Nodes in MANETsA Novel Approach for Detection of Routes with Misbehaving Nodes in MANETs
A Novel Approach for Detection of Routes with Misbehaving Nodes in MANETs
IDES Editor
 
Content Sharing over Smartphone-Based Delay-Tolerant Networks
Content Sharing over Smartphone-Based Delay-Tolerant NetworksContent Sharing over Smartphone-Based Delay-Tolerant Networks
Content Sharing over Smartphone-Based Delay-Tolerant Networks
IJERA Editor
 
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and ScienceResearch Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Science
inventy
 

What's hot (18)

CLBNSRM - CONFIDENCE LEVEL BASED UNBLEND NEIGHBOR SELECTION &BLEND NODE REPOR...
CLBNSRM - CONFIDENCE LEVEL BASED UNBLEND NEIGHBOR SELECTION &BLEND NODE REPOR...CLBNSRM - CONFIDENCE LEVEL BASED UNBLEND NEIGHBOR SELECTION &BLEND NODE REPOR...
CLBNSRM - CONFIDENCE LEVEL BASED UNBLEND NEIGHBOR SELECTION &BLEND NODE REPOR...
 
Fc3110291035
Fc3110291035Fc3110291035
Fc3110291035
 
TRUST MANAGEMENT FOR DELAY TOLERANT NETWORK
TRUST MANAGEMENT FOR DELAY TOLERANT NETWORKTRUST MANAGEMENT FOR DELAY TOLERANT NETWORK
TRUST MANAGEMENT FOR DELAY TOLERANT NETWORK
 
Ijarcet vol-2-issue-3-875-880
Ijarcet vol-2-issue-3-875-880Ijarcet vol-2-issue-3-875-880
Ijarcet vol-2-issue-3-875-880
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)
 
525 529
525 529525 529
525 529
 
A Novel Approach To Detect Trustworthy Nodes Using Audit Based Scheme For WSN
A Novel Approach To Detect Trustworthy Nodes Using Audit Based Scheme For WSNA Novel Approach To Detect Trustworthy Nodes Using Audit Based Scheme For WSN
A Novel Approach To Detect Trustworthy Nodes Using Audit Based Scheme For WSN
 
D1802032026
D1802032026D1802032026
D1802032026
 
Ds35676681
Ds35676681Ds35676681
Ds35676681
 
An Efficient DTN Routing Algorithm for Automatic Crime Information Sharing fo...
An Efficient DTN Routing Algorithm for Automatic Crime Information Sharing fo...An Efficient DTN Routing Algorithm for Automatic Crime Information Sharing fo...
An Efficient DTN Routing Algorithm for Automatic Crime Information Sharing fo...
 
Secure Multicast Communication using Behavioural Measurement Technique in MANET
Secure Multicast Communication using Behavioural Measurement Technique in MANET Secure Multicast Communication using Behavioural Measurement Technique in MANET
Secure Multicast Communication using Behavioural Measurement Technique in MANET
 
Privacy Preserving and Detection Techniques for Malicious Packet Dropping in ...
Privacy Preserving and Detection Techniques for Malicious Packet Dropping in ...Privacy Preserving and Detection Techniques for Malicious Packet Dropping in ...
Privacy Preserving and Detection Techniques for Malicious Packet Dropping in ...
 
Secure routing proposals in manets a review
Secure routing proposals in manets a reviewSecure routing proposals in manets a review
Secure routing proposals in manets a review
 
PERFORMANCE ANALYSIS OF ROUTING PROTOCOLS IN MANET UNDER MALICIOUS ATTACKS
PERFORMANCE ANALYSIS OF ROUTING PROTOCOLS IN MANET UNDER MALICIOUS ATTACKSPERFORMANCE ANALYSIS OF ROUTING PROTOCOLS IN MANET UNDER MALICIOUS ATTACKS
PERFORMANCE ANALYSIS OF ROUTING PROTOCOLS IN MANET UNDER MALICIOUS ATTACKS
 
A Novel Approach for Detection of Routes with Misbehaving Nodes in MANETs
A Novel Approach for Detection of Routes with Misbehaving Nodes in MANETsA Novel Approach for Detection of Routes with Misbehaving Nodes in MANETs
A Novel Approach for Detection of Routes with Misbehaving Nodes in MANETs
 
Content Sharing over Smartphone-Based Delay-Tolerant Networks
Content Sharing over Smartphone-Based Delay-Tolerant NetworksContent Sharing over Smartphone-Based Delay-Tolerant Networks
Content Sharing over Smartphone-Based Delay-Tolerant Networks
 
vanderMerweMScEngThesis
vanderMerweMScEngThesisvanderMerweMScEngThesis
vanderMerweMScEngThesis
 
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and ScienceResearch Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Science
 

Similar to X RAJKUMAR (1) (1)

A SYMMETRIC TOKEN ROUTING FOR SECURED COMMUNICATION OF MANET
A SYMMETRIC TOKEN ROUTING FOR SECURED COMMUNICATION OF MANET A SYMMETRIC TOKEN ROUTING FOR SECURED COMMUNICATION OF MANET
A SYMMETRIC TOKEN ROUTING FOR SECURED COMMUNICATION OF MANET
cscpconf
 
Design and development of anonymous location based routing for mobile ad-hoc...
Design and development of anonymous location based routing  for mobile ad-hoc...Design and development of anonymous location based routing  for mobile ad-hoc...
Design and development of anonymous location based routing for mobile ad-hoc...
IJECEIAES
 
SECURE ROUTING PROTOCOL TO MITIGATE ATTACKS BY USING BLOCKCHAIN TECHNOLOGY IN...
SECURE ROUTING PROTOCOL TO MITIGATE ATTACKS BY USING BLOCKCHAIN TECHNOLOGY IN...SECURE ROUTING PROTOCOL TO MITIGATE ATTACKS BY USING BLOCKCHAIN TECHNOLOGY IN...
SECURE ROUTING PROTOCOL TO MITIGATE ATTACKS BY USING BLOCKCHAIN TECHNOLOGY IN...
IJCNCJournal
 
Secure Routing Protocol to Mitigate Attacks by using Blockchain Technology in...
Secure Routing Protocol to Mitigate Attacks by using Blockchain Technology in...Secure Routing Protocol to Mitigate Attacks by using Blockchain Technology in...
Secure Routing Protocol to Mitigate Attacks by using Blockchain Technology in...
IJCNCJournal
 
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based ApproachMitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
IJLT EMAS
 
Enhancing msf for mobile ad hoc network security though active handshaking &a...
Enhancing msf for mobile ad hoc network security though active handshaking &a...Enhancing msf for mobile ad hoc network security though active handshaking &a...
Enhancing msf for mobile ad hoc network security though active handshaking &a...
ijctet
 
Paper id 2520141231
Paper id 2520141231Paper id 2520141231
Paper id 2520141231
IJRAT
 
V3 i301
V3 i301V3 i301
V3 i301
IJCERT
 
Link Reliability based Detection and Predecessor base Route Establishment for...
Link Reliability based Detection and Predecessor base Route Establishment for...Link Reliability based Detection and Predecessor base Route Establishment for...
Link Reliability based Detection and Predecessor base Route Establishment for...
IJERA Editor
 
Secure dynamic source routing protocol for defending black hole attacks in mo...
Secure dynamic source routing protocol for defending black hole attacks in mo...Secure dynamic source routing protocol for defending black hole attacks in mo...
Secure dynamic source routing protocol for defending black hole attacks in mo...
nooriasukmaningtyas
 
A017320105
A017320105A017320105
A017320105
IOSR Journals
 
Dt36717722
Dt36717722Dt36717722
Dt36717722
IJERA Editor
 
Different Prediction Methods For Route Recovery In MANET
Different Prediction Methods For Route Recovery In MANETDifferent Prediction Methods For Route Recovery In MANET
Different Prediction Methods For Route Recovery In MANET
Jasmine Culbreth
 
“Reducing packet loss in manet”
“Reducing packet loss in manet”“Reducing packet loss in manet”
“Reducing packet loss in manet”
Alexander Decker
 
N0363079085
N0363079085N0363079085
N0363079085
ijceronline
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)
ijceronline
 
The apt identification and blocking through ids in manet
The apt identification and blocking through ids in manetThe apt identification and blocking through ids in manet
The apt identification and blocking through ids in manet
ijctet
 
ANALYZING THE IMPACT OF EAVES ON ENERGY CONSUMPTION OF AODV ROUTING PROTOCOL ...
ANALYZING THE IMPACT OF EAVES ON ENERGY CONSUMPTION OF AODV ROUTING PROTOCOL ...ANALYZING THE IMPACT OF EAVES ON ENERGY CONSUMPTION OF AODV ROUTING PROTOCOL ...
ANALYZING THE IMPACT OF EAVES ON ENERGY CONSUMPTION OF AODV ROUTING PROTOCOL ...
ijwmn
 
Analyzing the Impact of Eaves on Energy Consumption of AODV Routing Protocol ...
Analyzing the Impact of Eaves on Energy Consumption of AODV Routing Protocol ...Analyzing the Impact of Eaves on Energy Consumption of AODV Routing Protocol ...
Analyzing the Impact of Eaves on Energy Consumption of AODV Routing Protocol ...
ijwmn
 

Similar to X RAJKUMAR (1) (1) (20)

A SYMMETRIC TOKEN ROUTING FOR SECURED COMMUNICATION OF MANET
A SYMMETRIC TOKEN ROUTING FOR SECURED COMMUNICATION OF MANET A SYMMETRIC TOKEN ROUTING FOR SECURED COMMUNICATION OF MANET
A SYMMETRIC TOKEN ROUTING FOR SECURED COMMUNICATION OF MANET
 
ant2
ant2ant2
ant2
 
Design and development of anonymous location based routing for mobile ad-hoc...
Design and development of anonymous location based routing  for mobile ad-hoc...Design and development of anonymous location based routing  for mobile ad-hoc...
Design and development of anonymous location based routing for mobile ad-hoc...
 
SECURE ROUTING PROTOCOL TO MITIGATE ATTACKS BY USING BLOCKCHAIN TECHNOLOGY IN...
SECURE ROUTING PROTOCOL TO MITIGATE ATTACKS BY USING BLOCKCHAIN TECHNOLOGY IN...SECURE ROUTING PROTOCOL TO MITIGATE ATTACKS BY USING BLOCKCHAIN TECHNOLOGY IN...
SECURE ROUTING PROTOCOL TO MITIGATE ATTACKS BY USING BLOCKCHAIN TECHNOLOGY IN...
 
Secure Routing Protocol to Mitigate Attacks by using Blockchain Technology in...
Secure Routing Protocol to Mitigate Attacks by using Blockchain Technology in...Secure Routing Protocol to Mitigate Attacks by using Blockchain Technology in...
Secure Routing Protocol to Mitigate Attacks by using Blockchain Technology in...
 
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based ApproachMitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
Mitigating Various Attacks in Mobile Ad-hoc Networks Using Trust Based Approach
 
Enhancing msf for mobile ad hoc network security though active handshaking &a...
Enhancing msf for mobile ad hoc network security though active handshaking &a...Enhancing msf for mobile ad hoc network security though active handshaking &a...
Enhancing msf for mobile ad hoc network security though active handshaking &a...
 
Paper id 2520141231
Paper id 2520141231Paper id 2520141231
Paper id 2520141231
 
V3 i301
V3 i301V3 i301
V3 i301
 
Link Reliability based Detection and Predecessor base Route Establishment for...
Link Reliability based Detection and Predecessor base Route Establishment for...Link Reliability based Detection and Predecessor base Route Establishment for...
Link Reliability based Detection and Predecessor base Route Establishment for...
 
Secure dynamic source routing protocol for defending black hole attacks in mo...
Secure dynamic source routing protocol for defending black hole attacks in mo...Secure dynamic source routing protocol for defending black hole attacks in mo...
Secure dynamic source routing protocol for defending black hole attacks in mo...
 
A017320105
A017320105A017320105
A017320105
 
Dt36717722
Dt36717722Dt36717722
Dt36717722
 
Different Prediction Methods For Route Recovery In MANET
Different Prediction Methods For Route Recovery In MANETDifferent Prediction Methods For Route Recovery In MANET
Different Prediction Methods For Route Recovery In MANET
 
“Reducing packet loss in manet”
“Reducing packet loss in manet”“Reducing packet loss in manet”
“Reducing packet loss in manet”
 
N0363079085
N0363079085N0363079085
N0363079085
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)
 
The apt identification and blocking through ids in manet
The apt identification and blocking through ids in manetThe apt identification and blocking through ids in manet
The apt identification and blocking through ids in manet
 
ANALYZING THE IMPACT OF EAVES ON ENERGY CONSUMPTION OF AODV ROUTING PROTOCOL ...
ANALYZING THE IMPACT OF EAVES ON ENERGY CONSUMPTION OF AODV ROUTING PROTOCOL ...ANALYZING THE IMPACT OF EAVES ON ENERGY CONSUMPTION OF AODV ROUTING PROTOCOL ...
ANALYZING THE IMPACT OF EAVES ON ENERGY CONSUMPTION OF AODV ROUTING PROTOCOL ...
 
Analyzing the Impact of Eaves on Energy Consumption of AODV Routing Protocol ...
Analyzing the Impact of Eaves on Energy Consumption of AODV Routing Protocol ...Analyzing the Impact of Eaves on Energy Consumption of AODV Routing Protocol ...
Analyzing the Impact of Eaves on Energy Consumption of AODV Routing Protocol ...
 

X RAJKUMAR (1) (1)

  • 1. Int. J. Networking and Virtual Organisations, Vol. X, No. Y, xxxx 1 Copyright © 20XX Inderscience Enterprises Ltd. Secure multipath routing and data transmission in MANET Banoth Rajkumar* Department of Computer Science and Engineering, JNTUH College of Engineering, Hyderabad, India Email: naaniraj@gmail.com *Corresponding author Gugulothu Narsimha Department of Computer Science and Engineering, JNTUH College of Engineering, Nachupally, KarimNagar, India Email: narsimha06@gmail.com Abstract: In mobile ad hoc network (MANET), providing security during multipath routing protocol and during the data transmission with the multiple routes is a challenging task. For this, in this paper, we propose a secure multipath routing and data transmission in which RREQ packets are signed using digital signatures (Vaidya and Lim, 2009) for route discovery. When the destination receives first RREQ packets from the node, the destination verifies all the signatures and caches the route list by the session key of source node. Then, it sends the RREP via the same path to source node. If the signature is verified, then the path will be accepted. At the source node, the message parts are encrypted using session keys and hash function. Based on the trust level of the nodes, secure routing can be performed. An algorithm was used to choose an optimal secure routing path. The messages are then fragmented into four parts, soft encrypted and performed XOR operations. Finally, the destination node decrypts and recovers the original message. Simulation result show that the proposed approach can improves the packet delivery ratio with reduced delay, packet drop, and resilience. Keywords: ad-hoc on-demand distance vector;AODV; dynamic source routing; DSR; secure, disjoint, multipath source routing; SDMSR; credit-based systems; reputation-based systems. Reference to this paper should be made as follows: Rajkumar, B. and Narsimha, G. 
(xxxx) ‘Secure multipath routing and data transmission in MANET’, Int. J. Networking and Virtual Organisations, Vol. X, No. Y, pp.xxx–xxx. Biographical notes: Banoth Rajkumar obtained his Bachelor’s in Computer Science and Engineering from National Institute of Technology (NITH) Hamirpur, Himachal Pradesh, India. Then, he obtained his Master’s in Computer Science and Engineering and pursuing his PhD in Computer Science and Engineering on the topic ‘Authenticated route formation for securing ad hoc networks – a security perspective’ both from Jawaharlal Nehru Technological University Hyderabad Andhra Pradesh India. He has also
  • 2. 2 B. Rajkumar and G. Narsimha obtained CCNA-exploration qualifications. Currently, he is a Lecturer at the College of Computing and Informatics, Haramaya University, Ethiopia. His specialisations include computer network, networking, mobile computing, and compiler design, design and analysis of algorithm, MANET and discrete mathematics. His current research interests are MANERT, public key infrastructure, network security, and authentication server. Gugulothu Narsimha received his BE in Electronics and Communication Engineering form the University College of Engineering, Osmania University Hyderabad, passed in 1996, MTech in Computer Science and Engineering from the University College of Engineering, Osmania University Hyderabad, passed in 1999, and PhD in Computer Science and Engineering from the University College of Engineering, Osmania University Hyderabad. He has about ten years and six months of teaching experience. Currently, he is an Assistant Professor in the Computer Science and Engineering Department at JNTUH College of Engineering, Nachupally. His research interests are in resource and mobility management for wireless mesh networks, wireless sensor networks and heterogeneous wireless networks. 1 Introduction 1.1 Background Mobile ad hoc networks (MANETs) consist of a collection of wireless mobile nodes, which can dynamically exchange data among themselves without the reliance on a fixed-base station or a wired backbone network. MANET nodes are typically distinguished by their limited power, processing, and memory resources as well as high degree of mobility (Jaisankar and Saravanan, 2010). In MANET, several routing protocols can be used, such as ad-hoc on-demand distance vector (AODV) and dynamic source routing (DSR) (Vaidya and Lim, 2009). 
However, the unreliability of the wireless medium and the dynamic topology due to nodes mobility or failure result in frequent communication failures and high delay during path re-establishments (Vaidya and Lim, 2009). 1.1.1 Multipath routing in MANET In multipath routing, nodes have multiple paths to communicate within the transmission range, thereby facilitating efficient connectivity between transmitters that may not be within each other’s wireless range (Singh et al., 2014). Multiple disjointed paths can exist between nodes; therefore, multipath routing can be used to statistically enhance the confidentiality of exchanged messages between source and destination nodes. Sending a confidential data on one path helps the attackers to get the whole data, whereas sending it in parts on different disjointed paths increases the confidentiality robustness because it is almost impossible to obtain all the parts of a message divided and sent on multiple paths existing between the source and the destination (Geetha and Sujatha, 2010). A multipath routing protocol is a promising technique to overcome problems of frequent topological changes and link instability as the use of multiple paths could diminish effect of possible node and link failures. Thus, multipath ad hoc routing
  • 3. Secure multipath routing and data transmission in MANET 3 protocols are deemed superior over single-path routing protocols as the former provides robustness, increased reliability, less end-to-end delay, load-balancing, and security (Singh et al., 2014). MANETs are prone to numerous types of routing faults including,; • transmission errors • node failures • link failures • route breakages • congested nodes or links. However, the major disadvantage is that more collision occurs among correlated routes due to multipath routing and degrades network performance i.e., packet delivery ratio (Singh et al., 2014). In MANET environment, the nodes may also be selfish and malicious. The selfish behaviour may drop the packets, whereas the malicious behaviour may launch the passive or active attacks and decrease the reliability of the data transfer (Koul et al., 2009; Johnson et al., 2007; Mavropodi et al., 2007). 1.1.2 Secure multipath routing in MANET The presence of malicious nodes may cause serious message security concerns. Few of these concerns are: message confidentiality, message availability, and node's authentication. Owing to these issues associated with cooperative routing, providing a complete message security in MANETs is still a challenge (Liu et al., 2011; Ehrampoosh and Mahani, 2011; Vaidya and Lim, 2009; Khaleel and Ahmed, 2012; Khalil and Bagchi, 2011). The security systems offer authentication, confidentiality, integrity, and non- reputation. Here, the detection of passive attack is very difficult because the operation of the network itself is not affected. One of the solutions to the problem is to use powerful encryption mechanism to encrypt the data being transmitted. Similarly, an active attack attempts to alter and destroy the data being exchanged in the network, thereby disrupting the normal functioning of the network. Active attacks can either be internal or be external. 
External attacks are carried out by nodes that do not belong to the network, whereas internal attacks are caused by the compromised nodes that are part of the network. Active attacks carried out when the nodes involving actions such as impersonation, modification, fabrication, and replication. Both passive and active attacks can be made on any layer of the network protocol stack (Geetha and Sujatha, 2010; Tague et al., 2011; Bansal, 2013; Zakhary and Radenkovic, 2010; Zhao et al., 2010). The active attack parameters are: • resource consumption attack • rushing attack • black hole attack • gray hole attack • wormhole attack (Geetha and Sujatha, 2010).
  • 4. 4 B. Rajkumar and G. Narsimha Some of the different multipath routing algorithms for enhancing data securities are multipath TCP security (MTS), secure multipath routing (SecMR) (Geetha and Sujatha, 2010), and secure, disjoint, multipath source routing (SDMSR) in which the source node selects the available routes one by one systematically. MTS has a well number of sharing nodes and the highest interruption ratio among all the other algorithms (Singh et al., 2014). The various techniques are used to secure the routing such as; 1 credit-based systems – assign rewards in the form of credits to nodes that are successfully participated in the data forwarding process 2 reputation-based systems – use the node’s reputations as parameters of a reward policy mechanism to compensate well-behaved nodes and to punish badly behaved nodes 3 tif-for-tat (TFT) systems – use a TFT strategy to reward good behaved nodes 4 cryptography-based systems – use encryption and/or hard cryptography techniques to secure the data routing 5 multipath-based secured routing techniques – where the data before transmission is broken into a number of packets, then encrypted before being routed separately in the network following different available paths (using a conventional routing scheme) (Woungang et al., 2012). 1.2 Problem identification and solution In our first paper (Rajkumar and Narsimha, 2015), we have proposed a trust-based light-weight authentication routing protocol in MANET in which a multipath route discovery technique is used to select the path with maximum packet success ratio as an optimal path for data transmission. For each node in the chosen path, global trust value is estimated based on direct and indirect trust values of the node. If the trust value of any node is below the threshold value, then it will be authenticated using the secret sharing technique. This authentication technique can enhance the reliability, redundancy, and network lifetime. 
However, in Rajkumar and Narsimha (2015), route discovery is not performed securely as the routing packets may be attacked. Hence, as an extension to the previous works, we propose a SecMR and transmission technique for MANET. The main objective of this work is to provide security not only for the multipath routing protocol but also for data transmission using these multiple routes.
The rest of this paper is organised as follows: Section 2 presents existing work related to the proposed framework. Section 3 describes a framework for SecMR and data transmission over MANET. Section 4 depicts a performance evaluation of the proposed framework. Section 5 provides the conclusions of the paper.

2 Literature review
Vaidya and Lim (2009) have proposed a secure and reliable framework for multimedia streaming over multipath MANET that provides security for both the ad hoc routing and
for real-time data transfer. This framework is designed based on source routing such as DSR and has three basic operations, namely, route discovery, data forwarding and route maintenance. In addition, the communication between source and destination uses bidirectional communication on each link. However, when the number of malicious nodes increases, the overload of packet transmission will be high.
Liu et al. (2011) have proposed a method for providing message security in MANET when nodes cooperate in routing. This approach combines a trust-based multipath routing scheme and a real-time recurrent neural network-based cipher to deal with the issues underlying message confidentiality, integrity, and access control. The security approach uses the TR-RRNN scheme for implementation and to find the secured routes. However, if there is no secured route, then the algorithm will wait for another route. During this time interval, messages will fail to be delivered.
Athreya and Tague (2011) have proposed a routing mechanism that uses cross-layer strategies that involve incorporating feedback and information from layers below the network layer to make decisions at the network layer. RSSI measurements are used in the physical layer to define node neighbourhood; ETX measurements from the link layer and node forwarding behaviour from the network layer are used to study path reliability via a utility function. In addition, a path evaluation mechanism is performed for the paths returned by the multipath routing mechanism. However, black holing cannot be avoided during the network bootstrapping phase.
Huang et al. (2011) have proposed a message security approach in MANETs that uses a trust-based multipath AOMDV routing combined with soft encryption, the so-called T-AOMDV scheme. Moreover, fuzzy multilevel security provided a way to compute a quantified estimate of the risk associated with a subject.
The trust mechanism promotes the idea of identifying malicious nodes through packet monitoring and nodes' actions. However, if the trust value is not appropriate, the chosen path will not be secure for transferring the entire data and the process will be restarted.
Woungang et al. (2012) have proposed an enhanced trust-based multipath DSR protocol to securely transmit messages in MANETs. This method consists of soft encryption, a trust management strategy, and multipath DSR routing. Here, a history of interactions module stores the records of the interactions between nodes in a suitable data structure. Trust computation takes place before each interaction occurring between nodes.
Chen and Wu (2009) have proposed a SecMR scheme based on modified secret sharing as an effective mechanism to protect data confidentiality and simultaneously enhance the data delivery rate in MANET. The scheme is based on a multipath route finding algorithm, a modified secret sharing scheme, cryptography, and optimisation technology to detect active attacks and control passive attacks. The message compromising probability and message delivery rate are used to evaluate the performance and security in different routing.

3 Proposed work
3.1 Overview
In this paper, we have proposed the SecMR and data transmission in MANET, in which a trust-based light-weight authentication routing protocol enables the selection of routes
using RREQ and RREP. After that, confidentiality and integrity are provided to the messages using light-weight techniques. Digital signatures are included along with RREQ messages so that the destination can verify the signatures to increase the security. Then, a trust-defined strategy is defined that depicts the characteristics of a node based on different trust levels. Based on the path length and trust value of the nodes, secure route discovery is performed. After discovering the route, data transmission is initiated. During transmission, soft encryption and XOR operations are used to encrypt the messages. The destination node, on receiving the message, decrypts and recovers the original message.

Figure 1 Block diagram of the proposed protocol (see online version for colours)
[Diagram labels: route request phase, data transmission phase, source node, intermediate nodes, destination node, RREQ/RREP, digital signature, data packet, soft encryption, XOR function]

3.2 Multipath route discovery
The discovery of multiple disjoint paths depends on ad hoc on-demand multipath distance vector (AOMDV) routing (Ehrampoosh and Mahani, 2011). Initially, the packet success rate was estimated based on the random variables and variance at time describing the in-progress success rate of data packets. These variables were modelled as beta random variables. The route discovery process is performed as follows:
1 Before transmitting a data packet to destination D, the source node S checks its route cache for path availability.
2 If there is a path, then S will consider the available path for data transmission.
3 Else, S broadcasts a route request (RREQ) packet towards D through the intermediate nodes (Ni).
4 On receiving RREQ, Ni updates the route cache about the source, sequence number, destination, previous hop node, and packet success rate in a routing table.
5 Ni then either re-broadcasts the RREQ to its neighbours or sends the route reply (RREP), if the node is D. This process is repeated till RREQ reaches D.
6 Once D receives RREQ, for every received RREQ, the RREP packet is unicast in the reverse path towards the source.
7 Every Ni on receiving RREP updates its cache for the next hop of the RREP and then unicasts this RREP in the reverse path using the earlier stored previous-hop node information. This step is repeated till RREP reaches S.
8 S then computes the end-to-end packet success rate of the path based on the information collected from RREP.
9 S chooses an optimal path with a high packet success rate as the primary path. This optimal path is used for data transmission between S and D. The path with the next higher level of packet success rate is chosen as the backup path (alternate path).

3.3 Signing of RREQ packets
After route discovery, we extend each intermediate node's routing table with a list of the most recent RREQs received for any source-destination pair, and the intermediate nodes for the request, in addition to the source and destination IDs, sequence number, previous hop ID, and packet success rate (Vaidya and Lim, 2009).

Table 1 Format of routing table
Source ID | Sequence number | Destination ID | Previous hop node ID | Packet success rate | Most recent RREQ received

3.3.1 Route request phase
When an arriving packet contains a list of intermediate nodes that is a superset of the items in the routing table, the packet is discarded. Otherwise, the node adds its own entry into the packet and rebroadcasts it. In Figure 2, an intermediate node a receives RREQ directly from source S. When intermediate node a receives the same RREQ from node b, a discards it. On receiving RREQ, node a appends its address to the route list, self-certifies it, and rebroadcasts it. Similarly, node d receives RREQ from nodes a and b and discards those from e.
Once node d receives RREQ from node a, it verifies its self-certificate SCer_a. If it is valid, node d removes the signature of node a, signs the RREQ message with its K_d, and replaces SCer_a with its SCer_d. Then, it appends its address to the route list and rebroadcasts it.
Figure 2 Route discovery (see online version for colours)
[Diagram: nodes S, a, b, c, d, e, f, g, h, i and D; legend: RREQ traversal, denied RREQ route, source and destination nodes, intermediate nodes]

Table 2 Notations used in multipath route discovery and data transfer
Notation          Description
Sq                Unique ID assigned by S to RREQ
$SignK_X^-(M)$    Message M digitally signed by node X
$sCert_X$         Self-certificate generated by node X
$N_S$             Nonce by S
$SK_S$, $SK_D$    Session keys generated by S and D
N                 Sequence number
$EK_X^+(M)$       Encryption of message M with $K_X^+$
$DK_X^-(M)$       Decryption of message M with $K_X^-$
prhI              Previous hop node ID
PSR               Packet success rate

Route request process:
$S \Rightarrow * : \langle SignK_S^-(REQ, S, D, Sq, prhI, PSR, routelist),\; EK_D^+(N_S, SK_S),\; sCert_S \rangle$
$a \Rightarrow * : \langle SignK_a^-(SignK_S^-(REQ, S, D, Sq, prhI, PSR, routelist)),\; EK_D^+(N_S, SK_S),\; sCert_S,\; sCert_a \rangle$
$d \Rightarrow * : \langle SignK_d^-(SignK_S^-(REQ, S, D, Sq, prhI, PSR, routelist)),\; EK_D^+(N_S, SK_S),\; sCert_S,\; sCert_d \rangle$
$g \Rightarrow * : \langle SignK_g^-(SignK_S^-(REQ, S, D, Sq, prhI, PSR, routelist)),\; EK_D^+(N_S, SK_S),\; sCert_S,\; sCert_g \rangle$

3.3.2 Route reply phase
On reception of RREQ from its neighbour nodes, the destination D discovers multiple paths, a primary path and node-disjoint paths, from all the received routes. On the first RREQ reception, the destination verifies all the signatures and caches the route list. It decrypts and stores the session key from S and generates a route reply (RREP) packet. The RREP consists of the same accumulated route as the RREQ, a digital signature of D on the entire message, and the encrypted session key (SK_D). The RREP is then sent back on the reverse route as given by the accumulated route in the RREQ.
Each intermediate node on the reverse route verifies its identifier as well as the predecessor and successor nodes' identifiers in the accumulated route. If both tests are valid, the intermediate node signs the RREP and passes it to the next node in the path. Consequently, the RREP reaches the source node. This node verifies whether it received the message from its neighbour and whether this neighbour is the first node on the path. The path is then accepted as valid if all the signatures are verified. The source also decrypts and stores the session key from the destination.

Route reply process:
$D \Rightarrow g : \langle SignK_D^-(REP, S, D, Sq, N_S, prhI, PSR, routelist),\; EK_S^+(SK_D),\; sCert_D \rangle$
$g \Rightarrow d : \langle SignK_g^-(SignK_D^-(REP, S, D, Sq, N_S, prhI, PSR, routelist)),\; EK_S^+(SK_D),\; sCert_D,\; sCert_g \rangle$
$d \Rightarrow a : \langle SignK_d^-(SignK_D^-(REP, S, D, Sq, N_S, prhI, PSR, routelist)),\; EK_S^+(SK_D),\; sCert_D,\; sCert_d \rangle$
$a \Rightarrow S : \langle SignK_a^-(SignK_D^-(REP, S, D, Sq, N_S, prhI, PSR, routelist)),\; EK_S^+(SK_D),\; sCert_D,\; sCert_a \rangle$

If the destination receives a duplicate RREQ, it will compare the route path of the RREQ to its route cache.
A path is node-disjoint only when the source and destination nodes are the only nodes it has in common with the cached routes; otherwise, the destination discards the RREQ. Routing paths are selected from the set of paths using a trust-defined strategy.

3.4 Trust model
The trust model of our first work (Rajkumar and Narsimha, 2015) estimated the direct (DTij) and indirect (IDTij) trust values of each node utilising the EigenTrust algorithm. Then, a resolver is employed to estimate the global trust value of the node. The direct reputation (DTij) of a node is calculated based on the previous trust value of its neighbour node and the recent satisfaction index (RSI). Each node periodically computes its connectivity rating (RSI) with each of its direct neighbour nodes. Indirect trust
value (IDTij) is estimated from the aggregated form of the trust reports received and processed by Ni about Nj. A resolver is employed to compute the resultant global trust value (GTij) of the node based on the direct and indirect trust values. It also executes a trust noise cancellation mechanism for eliminating trust noise.
Each node Ni monitors the trust values (GTij) of its neighbour nodes within its transmission range. Then it collects the trust values from the monitored nodes and exchanges the collected information with its neighbouring nodes. After the information exchange, if any node finds that the trust value of a monitored node is below the threshold, then that node is subjected to authentication.

3.4.1 Trust-defined strategy
Now, we define the trust-defined strategy to secure routing, where a node with a trust level of x is given at most x parts of the packet to forward. This limits the possibility of using a brute force decryption of the message. For instance, if four trust levels (trust 1–4) are assigned to nodes, excluding no trust and complete distrust (trust levels of 0 and −1), the message would be divided into four parts (Narula et al., 2008). Therefore:
1 If trust level = 4
A node with a trust level of 4 can read the message; therefore, only the nodes which are certified to be completely safe are given the right to read the full message. These might include nodes which are directly visible in the case of military applications or nodes whose keys have been exchanged securely.
2 If trust level = 3
A node with a trust level of 3 can be sure of finding $2^n$ possible messages of which one would be correct, where n is the number of bits used for encryption. For example, if a 32-bit message is sent as four eight-bit messages, then a node with trust level 3 would receive 3 bytes. Considering that the remaining byte out of 256 possibilities can be obtained through a brute force search, such a node can find the entire message.
3 If trust level = 2
A node with a trust level of 2 can be sure of finding $2^8 \times 2^8$ possible messages with a similar process.
4 If trust level = 1
Similarly, a node with a trust level of 1 can be sure of finding $2^8 \times 2^8 \times 2^8$ possible messages.
5 If trust level = 0
A node with a trust level of zero is not given any part of the message. These nodes may either act as sinks that do not forward any message or be nodes that mangle the messages before forwarding.
6 If trust level = −1
A node with a trust level of −1 is a certified malicious node. All packets received from this kind of node are dropped immediately. Measures are taken to limit any promiscuous access to message parts by this node.
Therefore, with the reduction in trust level, the probability of comprehending the entire message decreases by a factor of $2^n$.

3.5 Secure route selection model
Once a new path is discovered and the trust levels of the nodes involved are available, a secure route is chosen. The routes are selected using a greedy approach on the basis of path length, such that a node with a trust level T does not get more than T packets on the route. Secure routes are selected from a set of given routes in the following manner:
1 Whenever a new route is found, the routes are rearranged in increasing order of hop count. Hence, the chosen route set consists of the smallest possible routes that can securely route the message without causing the large overheads associated with multipath routing.
2 The first route is selected, and the maximum number of parts of the message that can be routed via it is assumed to be routed. Note that no actual routing is done at this step.
3 The next route is selected, and the maximum number of parts of the message that can be routed via it is assumed to be routed. If all the parts of the message can be routed securely, the actual routing is done over the selected paths.
4 This process is repeated until the secured routes are found.
5 If no secured routes are found, the algorithm is repeated starting at step 2, by selecting the second route as the first route.
6 This algorithm is repeated until all the combinations of routes have been exhausted.
7 If no secured route is found, the algorithm waits for another route.
8 If all routes have been found or a specific time interval has been surpassed, the algorithm is assumed to have failed and a failure message is displayed.
In the routing process, the secure routes are selected using the following algorithm (Woungang et al., 2012).

Arrange the paths P = {P1, P2, …, Pn} in increasing order of path length
Initialise count Ci for all nodes = 0
Select the smallest path from P
{
    Select next smallest path
    if (for all selected nodes i, Ci ≤ Ti)
    {
        // Here, Ti is the trust value of node i calculated in the previous paper
        if (four paths are selected)
            exit the loop;
        else
            continue;
    }
    if (all paths are exhausted)
        wait for another path
}
if (no paths left)
    Print ('it is not possible to route the message securely')

These routes may or may not be disjoint, so more routes can be generated this way.

3.6 Route maintenance
If a route breakage occurs due to node mobility, the neighbour of the node will send a route error to the source. Consequently, the source will discard that route from the routing table. If the source has another path to the destination, it can use it. When the source has no entry for the destination and the session is still active, it initiates a new route discovery. This scheme uses a digital signature along with a nonce in route error messages to authenticate the packet and ensure freshness (Vaidya and Lim, 2009).

3.7 Message encryption and routing
After finding an optimal route, we can transmit data. In the data transmission phase, we divide a 4n-bit message into four parts of n bits each (Narula et al., 2008). Let $m_1, m_2, m_3, m_4$ be these parts. We define the bit operation XOR on bit vectors r and s as follows:
If $r = \{r_1, r_2, r_3, \ldots, r_n\}$ and $s = \{s_1, s_2, s_3, \ldots, s_n\}$, then
$r \;\mathrm{XOR}\; s = \{r_1 \;\mathrm{XOR}\; s_1,\; r_2 \;\mathrm{XOR}\; s_2,\; r_3 \;\mathrm{XOR}\; s_3,\; \ldots,\; r_n \;\mathrm{XOR}\; s_n\}$
The aforementioned parts $m_1$, $m_2$, $m_3$ and $m_4$ are then soft encrypted using the following equations:
$m'_1 = m_1 \;\mathrm{XOR}\; m_3$ (1)
$m'_2 = m_2 \;\mathrm{XOR}\; m_4$ (2)
$m'_3 = m_3 \;\mathrm{XOR}\; m_2$ (3)
$m'_4 = m_4 \;\mathrm{XOR}\; m_1 \;\mathrm{XOR}\; m_2$ (4)
The parts $m'_1$, $m'_2$, $m'_3$ and $m'_4$ are now routed instead of $m_1$, $m_2$, $m_3$ and $m_4$, respectively. A node waits for intermediate multiple paths to the destination. At the destination node, the message parts can be decrypted using the following equations:
$m_1 = m'_2 \;\mathrm{XOR}\; m'_4$ (5)
$m_2 = m'_1 \;\mathrm{XOR}\; m'_2 \;\mathrm{XOR}\; m'_3 \;\mathrm{XOR}\; m'_4$ (6)
$m_3 = m'_1 \;\mathrm{XOR}\; m'_2 \;\mathrm{XOR}\; m'_4$ (7)
$m_4 = m'_1 \;\mathrm{XOR}\; m'_3 \;\mathrm{XOR}\; m'_4$ (8)

Overall algorithm
1 The route discovery phase with RREQ and RREP is accompanied by digital signatures to increase the security of the system.
2 RREQ/RREP signing is accomplished with self-certificates and session keys.
3 Then, we provide a secure route selection model based on the path length and trust value of the nodes.
4 After the route discovery, we provide the data transmission phase.
5 In the data transmission phase, we encrypt data using soft encryption and XOR operations.
6 The destination node, on receiving the message, will decrypt and recover the original message.

4 Simulation results
4.1 Simulation setup
The performance of the secure multipath routing and data transmission (SMRDT) is evaluated through NS2 (Network Simulator, http:///www.isi.edu/nsnam/ns.) simulation. A random network deployed in an area of 1,000 × 1,000 m is considered. The node speed is varied as 5, 10, 15, 20 and 25 m/s. Initially, the nodes are placed randomly in the specified area. The simulated traffic is CBR with UDP source and sink.

Table 3 Simulation parameters
Parameter            Value
No. of nodes         50
Area size            1,000 × 1,000
Mac                  802.11
Simulation time      50 sec
Traffic source       CBR
Packet size          512
Attackers            2, 4, 6, 8 and 10
Rate                 250Kb
Propagation model    Two ray ground
Antenna type         Omni antenna
Speed                5, 10, 15, 20 and 25 m/s

4.2 Performance metrics
The proposed SMRDT protocol is compared with the multi-path trust-based secure AOMDV (T-AOMDV) protocol (Huang et al., 2011). The performance is evaluated mainly according to the following metrics.
• packet delivery ratio: it is the ratio of the number of packets received successfully to the total number of packets transmitted
• average drop: it is the number of packets dropped during the data transmission
• fraction of compromised communications: it is given by the ratio of the number of packets affected or altered by the attackers to the number of packets transmitted
• detection accuracy: it is given by the ratio of the number of attacks detected successfully to the number of attack attempts.

4.3 Results
4.3.1 Varying the attackers
Initially, the external attackers performing unauthenticated access and packet alteration are launched and varied from two to ten.

Figure 3 Attackers vs. detection accuracy (see online version for colours)
[Plot: detection accuracy (%) against number of attackers (2 to 10) for SMRDT and TAOMDV]

Figure 3 shows the detection accuracy of both SMRDT and TAOMDV protocols when the attackers are increased. From the figure it can be seen that accuracy decreases from 96% to 82% for SMRDT and from 78% to 71% for TAOMDV as the attackers are increased. However, SMRDT outperforms TAOMDV by obtaining 14% higher accuracy, since TAOMDV does not detect attacks related to integrity.

Figure 4 Attackers vs. delivery ratio (see online version for colours)
[Plot: packet delivery ratio against number of attackers (2 to 10) for SMRDT and TAOMDV]
Figure 5 Attackers vs. packet drop (see online version for colours)
[Plot: average packet drop (pkts) against number of attackers (2 to 10) for SMRDT and TAOMDV]

Figures 4 and 5 show the packet delivery ratio and packet drop of both SMRDT and TAOMDV protocols when the attackers are increased. From the figures it can be seen that an increase in the number of attackers results in an increase in packet drop and a decrease in delivery ratio. As SMRDT protects against packet drops due to attacks as well as due to route disconnections, it has 61% lower drop and 40% higher delivery ratio than TAOMDV.

Figure 6 Attackers vs. resilience (see online version for colours)
[Plot: fraction of compromised communications (%) against number of attackers (2 to 10) for SMRDT and TAOMDV]

Figure 6 shows the fraction of compromised communications of both SMRDT and TAOMDV in percentages when the attackers are increased. It can be seen that an increase in the number of attackers results in more affected communications. As SMRDT provides strong integrity and trust, the compromised communications are reduced by 38% when compared to TAOMDV.

4.3.2 Varying the node speed
Next, the node speed is varied as 5, 10, 15, 20 and 25 m/s, keeping the attackers as 2.
Figures 7 and 8 show the packet delivery ratio and packet drop of both SMRDT and TAOMDV protocols when the speed is increased. From the figures it can be seen that an increase in node speed results in an increase in packet drop and a slight decrease in delivery ratio, due to route disconnections. As SMRDT protects against packet drops due to attacks as well as due to route disconnections, it has 85% lower drop and 70% higher delivery ratio than TAOMDV.
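The soft encryption of Section 3.7, equations (1) to (8), written out as an added Python example (not the authors' code): it round-trips a constructed 16-byte message and, for any subset of encrypted parts, reports which original parts follow from XOR combinations alone, the quantity the trust levels of Section 3.4.1 are meant to bound. The names ENCODE, DECODE, directly_recoverable and exposure_table are assumptions of this example.

```python
from itertools import combinations

# Equations (1)-(4): encrypted part k is the XOR of these original parts.
ENCODE = {1: (1, 3), 2: (2, 4), 3: (3, 2), 4: (4, 1, 2)}
# Equations (5)-(8): original part k is the XOR of these encrypted parts.
DECODE = {1: (2, 4), 2: (1, 2, 3, 4), 3: (1, 2, 4), 4: (1, 3, 4)}


def xor_bytes(*chunks):
    """XOR equal-length byte strings position by position."""
    if len({len(c) for c in chunks}) != 1:
        raise ValueError("all parts must have the same length")
    out = bytearray(len(chunks[0]))
    for chunk in chunks:
        for i, byte in enumerate(chunk):
            out[i] ^= byte
    return bytes(out)


def soft_encrypt(message):
    """Split a message into four equal parts m1..m4 and apply (1)-(4)."""
    if not message or len(message) % 4:
        raise ValueError("message length must be a non-zero multiple of 4 bytes")
    n = len(message) // 4
    m = {k: message[(k - 1) * n:k * n] for k in range(1, 5)}
    return {k: xor_bytes(*(m[j] for j in terms)) for k, terms in ENCODE.items()}


def soft_decrypt(parts):
    """Recover the message from all four encrypted parts using (5)-(8)."""
    if set(parts) != {1, 2, 3, 4}:
        raise ValueError("all four encrypted parts are required")
    return b"".join(
        xor_bytes(*(parts[j] for j in DECODE[k])) for k in range(1, 5)
    )


def directly_recoverable(held):
    """Original parts obtainable by XORing some of the held encrypted parts.

    Each encrypted part is a 4-bit mask over (m1..m4); the XOR combinations a
    holder can form are the GF(2) span of the held masks. An original part is
    exposed without any guessing when its single-bit mask lies in that span.
    """
    span = {0}
    for k in held:
        mask = sum(1 << (j - 1) for j in ENCODE[k])
        span |= {s ^ mask for s in span}
    return [k for k in range(1, 5) if 1 << (k - 1) in span]


def exposure_table():
    """directly_recoverable() for every non-empty subset of encrypted parts."""
    return {
        held: directly_recoverable(held)
        for size in range(1, 5)
        for held in combinations(range(1, 5), size)
    }


if __name__ == "__main__":
    message = b"constructed-msg!"  # constructed 16-byte sample, n = 4 bytes
    parts = soft_encrypt(message)
    assert soft_decrypt(parts) == message
    for held, exposed in exposure_table().items():
        print("holds m'%s -> learns m%s" % (list(held), exposed))
```

By equation (5), a holder of m'2 and m'4 alone already obtains m1, whereas m'1, m'2 and m'3 together expose no original part directly, so which parts a node carries matters as well as how many.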
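One reading of the greedy route selection in Section 3.5, as an added Python example (not the authors' code): a route is a list of intermediate node IDs, it carries as many message parts as its least-trusted node still allows, and a node absent from the trust table counts as trust 0. These representations, the function names and the sample topology are assumptions of this example.

```python
PARTS = 4  # the message is split into four parts (Section 3.7)

# Constructed sample: trust levels per node and candidate routes between S and D.
TRUST = {"a": 4, "b": 2, "c": 3, "d": 1, "e": 0, "f": -1, "g": 2}
ROUTES = [["a", "g", "c"], ["c", "d"], ["e"], ["a", "b"], ["f", "a"]]


def route_capacity(route, trust, load):
    """Parts a route can still carry while every node i keeps C_i <= T_i."""
    # Assumption: a node missing from the trust table is treated as trust 0.
    spare = [trust.get(node, 0) - load.get(node, 0) for node in route]
    # A route with no intermediate node (direct neighbour) is unconstrained.
    return max(0, min(spare, default=PARTS))


def select_routes(routes, trust, parts=PARTS):
    """Return [(route, parts_assigned), ...], or None if no secure set exists."""
    ordered = sorted(routes, key=len)          # step 1: increasing hop count
    for start in range(len(ordered)):          # step 5: restart from next route
        load, plan, remaining = {}, [], parts
        for route in ordered[start:]:          # steps 2-4: tentative assignment
            take = min(route_capacity(route, trust, load), remaining)
            if take == 0:
                continue                       # trust 0 / -1 on the route
            for node in route:
                load[node] = load.get(node, 0) + take
            plan.append((route, take))
            remaining -= take
            if remaining == 0:
                return plan                    # all parts placed securely
    return None                                # steps 7-8: wait or report failure


def node_load(plan):
    """Number of message parts each node sees under a plan."""
    load = {}
    for route, take in plan:
        for node in route:
            load[node] = load.get(node, 0) + take
    return load


if __name__ == "__main__":
    plan = select_routes(ROUTES, TRUST)
    print(plan)
    print(node_load(plan))
```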
Figure 7 Attackers vs. delivery ratio (see online version for colours)
[Plot: packet delivery ratio against speed (5 to 25 m/s) for SMRDT and TAOMDV]

Figure 8 Attackers vs. drop (see online version for colours)
[Plot: average packet drop (pkts) against speed (5 to 25 m/s) for SMRDT and TAOMDV]

5 Conclusions
In this paper, we proposed a secure multipath routing and data transmission in MANET in which digital signatures are included along with RREQ messages to increase the security, so that the signatures are verified by the destination nodes. Then, secure route discovery is performed based on the path length and trust value of the nodes. After route discovery, data transmission is initiated. During data transmission, soft encryption and XOR operations are performed. The destination node, on receiving the message, will decrypt and recover the original message. Simulation results show that the proposed approach can improve the packet delivery ratio with reduced delay, packet drop, and resilience. In future, the proposed approach will be extended by comparing it with several existing secure routing protocols.

References
Athreya, A.P. and Tague, P. (2011) ‘Towards secure multi-path routing for wireless mobile ad-hoc networks: a cross-layer strategy’, 8th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks, June, pp.146–148, ISSN: 2155-5486.
Bansal, D. (2013) ‘Design of 50 Hz notch filter circuits for better detection of online ECG’, Int. J. Biomedical Engineering and Technology, (IJBET), Vol. 13, No. 1, pp.30–48.
Chen, S. and Wu, M. (2009) ‘Secure multipath routing based on secret sharing in mobile ad hoc networks’, IEEE International Conference on Network Infrastructure and Digital Content, November, pp.539–542.
Ehrampoosh, S. and Mahani, A. (2011) ‘Secure routing protocol: affection on MANETs performance’, International Journal of Communications and Information Technology, IJCIT, December, Vol. 1, No. 1.
Geetha, S. and Sujatha, S. (2010) ‘Increase the performance and enhancing secure authenticated multi path encrypted protocol in MANET’, IEEE International Conference on Computational Intelligence and Computing Research, December, pp.1–7.
Huang, J-W., Woungang, I., Chao, H-C., Obaidat, M-S., Chi, T-Y. and Dhurandher, S.K. (2011) ‘Multi-path trust-based secure AOMDV routing in ad hoc networks’, IEEE Global Telecommunications Conference, December, pp.1–5.
Jaisankar, N. and Saravanan, R. (2010) ‘An extended AODV protocol for multipath routing in MANETs’, IACSIT International Journal of Engineering and Technology, August, Vol. 2, No. 4, pp.394–400, ISSN: 1793-8236.
Johnson, D. et al. (2007) The Dynamic Source Routing Protocol (DSR) for Mobile Ad Hoc Networks for IPv4, IETF RFC 4728.
Khaleel, T.A. and Ahmed, M.Y. (2012) ‘The enhancement of routing security in mobile ad-hoc networks’, International Journal of Computer Applications (0975-888), June, Vol. 48, No. 16, pp.41–48.
Khalil, I. and Bagchi, S. (2011) ‘Stealthy attacks in wireless ad hoc networks: detection and countermeasure’, IEEE Transactions on Mobile Computing, August, Vol. 10, No. 8, pp.1096–1112.
Koul, A., Patel, R.B. and Bhat, V.K. (2009) ‘Double split based secure multipath routing in ad hoc networks’, International Conference on Advances in Recent Technologies in Communication and Computing, October, pp.835–839.
Liu, C-Y., Woungang, I., Chao, H-C., Dhurandher, S-K., Chi, T-Y. and Obaidat, M.S.
(2011) ‘Message security in multi-path ad hoc networks using a neural network-based cipher’, IEEE Global Telecommunications Conference, December, pp.1–5, ISSN: 1930-529X.
Mavropodi, R. et al. (2007) ‘SecMR – a secure multipath routing protocol for ad hoc networks’, Elsevier Ad Hoc Networks, Vol. 5, No. 1, pp.87–99.
Narula, P., Dhurandher, S.K., Misra, S. and Woungang, I. (2008) ‘Security in mobile ad-hoc networks using soft encryption and trust-based multi-path routing’, Computer Communications, Vol. 31, No. 4, pp.760–769.
Network Simulator [online] http:///www.isi.edu/nsnam/ns.
Rajkumar, B. and Narsimha, G. (2015) ‘Trust-based light weight authentication routing protocol for MANET’, Int. J. Mobile Network Design and Innovation, Vol. 6, No. 1, pp.31–39.
Singh, D., Sharma, B.K. and Kumar, A. (2014) ‘A survey on challenges in multipath routing for adhoc networks’, International Journal of Emerging Technology and Advanced Engineering, February, Vol. 4, No. 1, pp.376–381, ISSN 2250-2459.
Tague, P., Nabar, S., Ritcey, J.A. and Poovendran, R. (2011) ‘Jamming-aware traffic allocation for multiple-path routing using portfolio selection’, IEEE/ACM Transactions on Networking, February, Vol. 19, No. 1, pp.184–194.
Vaidya, B. and Lim, H. (2009) ‘Secure framework for multipath multimedia streaming over wireless ad hoc network’, IEEE Wireless Communications and Networking Conference, April, pp.1–6, ISSN: 1525-3511.
Woungang, I., Obaidat, M.S., Dhurandher, S.K., Chao, H-C. and Liu, C. (2012) ‘Trust-enhanced message security protocol for mobile ad hoc networks’, IEEE International Conference on Communications, June, pp.988–992, ISSN: 1550-3607.
Zakhary, S.R. and Radenkovic, M. (2010) ‘Reputation-based security protocol for MANETs in highly mobile disconnection-prone environments’, IEEE/IFIP WONS 2010 – The Seventh International Conference on Wireless On-demand Network Systems and Services.
Zhao, Z., Hu, H., Ahn, G-J. and Wu, R. (2010) ‘Risk-aware response for mitigating MANET routing attacks’, Global Telecommunications Conference (GLOBECOM 2010), December, pp.1–6, ISSN: 1930-529X.