Rapid Proliferation Of Wireless Networks Computer Science Essay


02 Nov 2017


The rapid proliferation of wireless networks, the continual increase in computing power and the tremendous growth of the Internet have changed the way society manages information and information services. Computing today is becoming pervasive, and wireless technologies are playing an important role in allowing devices like cellular phones and handhelds to communicate wirelessly with other devices and spontaneously form short-range, short-term, ad-hoc networks.

All complex ecosystems, whether biological like the human body, natural like a rain forest, social like an open-air market, or socio-technical like the global financial system or the Internet, are interconnected (Bruce, 2012). Individual units within those ecosystems are interdependent; each unit does its part and relies on the other units to do their parts as well. All complex ecosystems also contain parasites: within every interdependent system there are individuals who try to subvert the system to their own ends. Every entity in a system needs to be able to trust that the entities it interacts with will cooperate. The entity does not trust completely or blindly, but it should be able to develop confidence, or be reasonably sure, that its trust is well founded and that other entities will be trustworthy in return (Bruce, 2012).

A mobile ad hoc network is an example of a complex ecosystem. It is a collection of wireless mobile nodes communicating with each other without the aid of a fixed infrastructure. Its unique characteristics, such as open infrastructure, dynamic network topology, lack of central administration and the limited battery-based energy of mobile nodes, make it more vulnerable to attacks. In spite of the convenience of being mobile and of being able to deploy mobile ad-hoc networks speedily, they are vulnerable to malicious attacks. The lack of infrastructure and organizational environment offers special opportunities to attackers. Attackers may intrude into the network through malicious nodes because the topology of the network is highly dynamic: nodes frequently join or leave the network, and roam within it (Madhavi & Kim, 2008).

Centralized security management appears impossible because of the scale of the system, the large number of potential users and sizable resources. Considering the size of the system, collaboration among strangers is unavoidable. The security objectives of Mobile Ad hoc Networks and traditional networks are considered to be the same (availability, confidentiality, integrity, authentication, and non-repudiation); however, the security issues involved in mobile ad hoc networks are quite different due to the ‘mobile’ and ‘ad hoc’ constraints (Sen, Ukil, Bera, & Pal, 2008). Therefore, cooperation between nodes is required for the network to function properly. Here cooperation refers to nodes collectively performing the network functions for the benefit of other nodes; but because of the open infrastructure and the mobility of nodes, nodes might not cooperate, resulting in a serious degradation in network performance (Ukey & Chawla, 2010).

Routing algorithms for MANET have been designed with the assumption that all nodes cooperate. However, a node may decide not to cooperate, or may misbehave by agreeing to forward packets and then failing to do so, because it is malicious, selfish, overloaded or broken. A malicious node launches a denial of service attack by dropping packets. A selfish node does not want to spend its remaining battery life, CPU cycles, or available network bandwidth to forward packets not of direct interest to it, even though it expects others to forward packets on its behalf. An overloaded node lacks the CPU cycles, buffer space or available network bandwidth to forward packets. A broken node might have a software fault that prevents it from forwarding packets. Misbehaving nodes can be a significant problem. Therefore, the focus of this work is to develop a secured routing protocol by adding a notion of trust to the existing Ad-hoc On-Demand Distance Vector (AODV) Routing Protocol, thereby making sure that only trusted routes are used as forwarding paths.

1.2 Statement of the Problem

A mobile node in a MANET may function as a router and forward packets for other peer nodes. A malicious attacker can readily become a router and disrupt network operations by intentionally disobeying the protocol specifications. It gets more complicated when the malicious nodes become too numerous and a practical criterion to distinguish trusted nodes from distrusted ones is unavailable. Since all nodes will be used as routers in the network, a secured routing protocol is required to achieve protection and high network performance.

1.3 Justification

Mobile Ad hoc networks bank on the cooperation of the nodes participating in the network to forward packets for each other. A node might decide not to cooperate, in order to preserve its resources, while using the resources of other nodes in the network to forward its own packets. This degrades network performance, and cooperating nodes may find themselves unfairly loaded if too many nodes exhibit this behavior (Bansal & Baker, 2003). The proposed protocol mitigates routing misbehaviour in Mobile Ad hoc networks and encourages nodes to cooperate in order to increase their trust value and increase network performance.

1.4 Aim of the Study

This study developed a trust enhanced security model for Ad hoc On-Demand Distance Vector routing protocol for Mobile Ad hoc Networks.

1.5 Specific Objectives

The specific objectives were to

(i) Formulate a trust-based security model for AODV

(ii) Simulate the model in (i)

(iii) Evaluate the performance of the model

1.6 Research Methodology

This study reviewed security models, trust models and secured routing protocols in MANET. A fuzzy trust model was built using the MATLAB Fuzzy Inference System toolbox, and the result was used to formulate a trust algorithm. The trust algorithm was fused into AODV in OPNET. The optimized and secured routing protocol was simulated using OPNET. The performance of the proposed protocol was then evaluated and compared with the conventional AODV using Total Packet Dropped, Network Throughput and Media Access Delay.

1.7 Organisation of Thesis

The rest of the thesis is organized as follows. Chapter two discusses previous security models, trust models and secured routing protocols for Mobile Ad-hoc Networks; the strengths and drawbacks of these existing models are also discussed. In Chapter three, the research's approach and methods for securing the Ad-hoc On-Demand Distance Vector Routing Protocol for Mobile Ad-hoc Networks are specified. Chapter four discusses the simulation setup, results and performance evaluation of the proposed protocol. Chapter five concludes the thesis with a summary of the research work and results, and offers recommendations for future research.

CHAPTER TWO

LITERATURE REVIEW

2.1 Introduction

This chapter presents security engineering, a brief overview of Mobile Ad-hoc Networks and their architecture, Mobile Ad-hoc security, related research work, the fuzzy logic concept and a brief overview of the Ad hoc On-Demand Distance Vector routing protocol.

2.2 Security Engineering

Security engineering is about building systems to remain dependable in the face of malice, error, or mischance. It focuses on the tools, processes, and methods needed to design, implement, and test complete systems, and to adapt existing systems as their environment evolves (Anderson, 2008). Security requirements differ greatly from one system to another; things acceptable in one system might not conform to the specification of another. In securing an environment against attacks, one needs to know what needs protecting and how to protect it. Security issues can be divided into four:

Policy

Model

Architectures and

Mechanism

Policy states the high-level organizational goals and requirements: essentially, what the system is supposed to achieve. Model decomposes policies into abstract terms that can be analyzed and mapped into implementable entities. A concise and formal description of the system policy in natural language is referred to as the system model. Architecture is the high-level description of the security design in terms of the major components of a system and their inter-relationships. Finally, Mechanism is the set of means or methods used for the final implementation of the security design (Anderson, 2008).

A very good security architecture model should have the ability to manage and maintain an accurate and consistent level of security controls (Angelo, 2001). A secured system should be dependable even in the face of attacks, and the properties of a dependable system include availability, reliability, safety and maintainability. Two security-related aspects of dependability are confidentiality and integrity, and both are defined by access control policies.

2.2.1 Confidentiality

Confidentiality is the assurance that resources are shared only among authorized subjects (Bertino & Koglin, 2007). That is, the assurance that certain information can only be read or accessed by an authorized party (Joshi, Srivastava, & Poonam, 2010). Confidentiality sees to the protection of data from unauthorized access (Angelo, 2001). The standard method to protect data confidentiality is to encipher data with the key; the receiver can decipher data, thereby achieving confidentiality.

2.2.2 Integrity

Integrity is the assurance that the received information is authentic and complete (Bertino & Koglin, 2007). In communication, data integrity is the guarantee that the data received after transmission has not been changed by an enemy (Ma & Xie, 2010). Integrity sees to the fact that data, services, and other controlled resources are not altered and/or destroyed in an unauthorized manner (Angelo, 2001). An integrity-based security model is concerned with protecting the system against unauthorized or malicious actions resulting in the alteration of security mechanisms, addressing or routing information, and audit information (Angelo, 2001). Data integrity may be achieved through data authentication.

2.2.3 Availability

Availability is the confidence that the system responsible for disseminating, storing, and processing information is accessible when needed by those who need its services (Bertino & Koglin, 2007). Availability not only ensures the reliable and correct operation of information and system resources for which the loss of information and/or resource access would cause adverse results; it also ensures the availability of mechanisms to prevent, detect, and/or monitor accidental, unauthorized, and/or malicious activities that could negatively impact the availability of critical information (Angelo, 2001).

2.2.4 Accountability

Accountability ensures that events, activities, actions can be linked to specific users and/or processes responsible for those actions. Accountability includes identification and authentication mechanisms, and access control (Angelo, 2001).

2.3 Components of a Security System

From the properties of a secured system discussed above, it is clear that a security system is mainly made up of the following:

Authentication

Encryption

Authorization

Access Control

2.3.1 Authentication

Authentication is a process of proving something to be genuine or valid; validating the authenticity of something or someone. It is a security measure that identifies the user of a particular system or application and verifies that the message was not tampered with. It is therefore the verification of the identity of a party who generated some data, and of the integrity of the data.

A network authentication system provides a means of proving the identity of a principal on a network. A principal is the party whose identity is verified (Kohl & Neuman, 1993). A principal is the basic entity that participates in authentication, and in most cases a principal represents a workstation user, a network server or an instance of a network service on a particular host (Kohl & Neuman, 1993).

2.3.2 Encryption

Encryption is the process of changing data into a form difficult to understand without applying a second transformation (Kohl & Neuman, 1993). The transformation is affected by an encryption key in such a manner that the next transformation can only be done if one has the decryption key. The important difference between a secret-key encryption algorithm and public-key encryption algorithms is the way keys are used. With a secret-key encryption algorithm, the same key is used for both encryption and decryption while public-key encryption algorithms use different keys for encryption and decryption.

Authentication depends upon the two participants in a conversation being the only two principals (apart possibly from trusted servers) who know the key that is being used to encrypt a transmitted message.

2.3.3 Authorization

Authorization is the process that determines whether a principal is allowed to perform an operation (Kohl & Neuman, 1993). Authorization is usually verified after authentication has been done, and may be based on information local to the verifier or on authenticated statements by others. Authorization depends on, but is not limited to, the access control policy of a security system.

2.3.4 Access control

Access control describes the ways in which users can access resources in the system. Access control policy describes what is authorized, that is, who has access to what and under what circumstances. Access control policies govern the access of users to information on the basis of the users’ identity and a collection of rules or authorizations which determine, for any user and any object in the system, the types of accesses or executions the user is allowed on the object (Jajodia, Samarati, & Subrahmanian, 1997).

2.4 Mobile Ad Hoc Network (MANET)

A MANET consists of wireless mobile nodes that form a temporary network without the aid of fixed infrastructure or central administration. It is mostly used in military applications and in rescue operations where the existing communication infrastructure has been destroyed or is unavailable, such as after earthquakes and other disasters. Nowadays MANETs are also being used in a lot of commercial applications, like mobile phones and PDAs using the Bluetooth protocol, since a MANET is fast and quite easy to set up and requires no extra equipment (Mamatha & Sharma, 2010).

Nodes in a MANET communicate directly with other nodes within their transmission range, while with nodes outside the transmission range they communicate through intermediate nodes, forming a multi-hop scenario. In multi-hop transmission, a packet is forwarded from one node to another, using a routing protocol, until it gets to the destination. As pointed out in (Buttyan & Hubaux, 2003), this operating principle of mobile ad hoc networks makes cooperation among nodes an essential requirement, since nodes perform networking functions for the benefit of other nodes and lack of cooperation may have fatal effects on network performance.

The wireless and distributed nature of MANETs presents a great challenge to system security designers. Routing and security are important problems in MANET. Unlike other networks, which use specific nodes for packet forwarding, routing and managing the network, MANETs route with all the nodes in the network. The wireless nature and the mobile environment of these networks make them vulnerable to attack. Attackers can attack from every direction and target any node, so MANETs do not have a clear line of defense.

2.5 Network Architectures in MANET

Wireless ad-hoc networks may be configured in basically two ways: a flat network infrastructure or a multi-layered network infrastructure.

2.5.1 Flat network infrastructure

In a flat network infrastructure, all nodes are considered to be equal and may participate in routing functions. This infrastructure is therefore suitable for applications such as virtual classes or conferences (Rafsanjani, Movaghar, & Koroupi, 2008; Wai, Aye, & James, 2004). Figure 2.1 below describes the architecture.

2.5.2 Multi-layered network infrastructure

In multi-layered infrastructures, nodes are not considered equal and may be grouped in clusters, with a cluster-head node for each cluster (Rafsanjani, Movaghar, & Koroupi, 2008). Nodes within transmission range are organized into a cluster and elect a Cluster-Head (CH) node to centralize routing information for the cluster. Nodes in a cluster communicate with nodes in other clusters through the cluster-head nodes. The CH nodes are expected in this case to be more powerful devices with better resources, and they form a virtual backbone of the network. Therefore, the major part of the processing can be done on the CH nodes. This infrastructure is suitable for military applications. Figure 2.2 describes the architecture.

2.6 MANET Security

As mentioned in section 2.4 above, one distinguishing characteristic of Mobile Ad hoc Networks is the lack of a clear line of defense. Wired networks make use of dedicated routers to forward packets, while in a MANET each mobile node can function as a router and forward packets for other nodes. Existing ad hoc routing protocols, such as Dynamic Source Routing (DSR) and Ad Hoc On-Demand Distance Vector (AODV), and wireless MAC protocols, such as 802.11, undoubtedly assume a trusted and cooperative environment; a malicious attacker can therefore become a router and disrupt network operations by intentionally disobeying the protocol specifications (Yang, Luo, YE, Lu, & Zhang, 2004).

There are basically two approaches to protecting MANETs: proactive and reactive. The proactive approach seeks to prevent an attacker from launching attacks in the first place, while the reactive approach attempts to detect threats a posteriori and react accordingly (Yang, Luo, YE, Lu, & Zhang, 2004). In order to achieve the security services mentioned in section 2.2, a security solution should provide complete protection spanning the entire protocol stack, as shown in Table 2.1 below.

2.7 Attacks in MANET

Current MANETs are basically vulnerable to two different types of attacks:

Active attack and

Passive attack.

An active attack is one in which the malicious node has to bear some energy costs in order to carry out the attack, while passive attacks can be likened to a lack of cooperation with the purpose of saving energy selfishly. Nodes that carry out active attacks are considered malicious, while nodes that make passive attacks with the aim of saving resources for their own communications are considered selfish (Joshi, Srivastava, & Poonam, 2010). Table 2.2 describes security attacks on each layer in MANET. Common attacks are discussed below.

2.7.1 Modification attack

In a modification attack, a malicious node can redirect network traffic and conduct Denial of Service (DoS) attacks by modifying or altering the routing control messages transmitted in its environment and releasing the altered content back into the environment to cause a malicious effect (Balakrishnan & Varadharajan, 2005). It can cause network traffic to be dropped, redirected to a different destination, or sent along a longer route to the destination, causing unnecessary communication delay (Joshi, Srivastava, & Poonam, 2010).

2.7.2 Impersonation attack

Impersonation attacks occur when a malicious node masquerades as another node. This can be in the form of a spoofing attack. Spoofing allows the node to become an authorized entity in the network and permits it to take advantage of the authorized services. It occurs when a malicious node misrepresents its identity in the network by altering either its MAC or IP address in outgoing packets (Joshi, Srivastava, & Poonam, 2010).

2.7.3 Fabrication

To carry out this attack, the attacker gains access to the network and inserts counterfeit objects into the system. The attacker creates and transmits malicious control messages to the environment with the sole aim of disrupting the basic routing operation or destroying others' resources (Balakrishnan & Varadharajan, 2005).

2.7.4 Lack of cooperation attack

Lack of cooperation attack is often carried out by selfish nodes that want to preserve their resources by simply not participating in the operation or by not executing the packet forwarding.

2.7.5 Interruption attack

Here, the malicious node does not modify or fabricate the control messages but performs specific actions to interrupt the normal operation of the network (Balakrishnan & Varadharajan, 2005).

2.7.6 Wormhole attack

A wormhole attack, also known as a tunneling attack, is when two or more nodes collaborate to encapsulate and exchange messages between them along existing data routes. This gives the colluding nodes the opportunity to short-circuit the normal flow of messages, creating a virtual vertex cut in the network that is controlled by the two colluding attackers (Joshi, Srivastava, & Poonam, 2010).

2.7.7 Blackhole attack

Here a malicious node attracts all the packets towards itself by altering the routing information and then drops the packets (Balakrishnan & Varadharajan, 2005).

2.7.8 Grayhole attack

A grayhole attack is said to be a specialized version of a blackhole attack. In this case the malicious node selectively drops packets (Balakrishnan & Varadharajan, 2005).

2.7.9 Flooding attack

This attack makes intermediate nodes exhaust their resources in processing incoming flooded, falsified routing information, and in some cases overflows the routing table (Balakrishnan & Varadharajan, 2005).

2.8 Network Layer Security for MANETs

A Mobile Ad hoc Network provides network connectivity between mobile nodes over potentially multi-hop wireless channels mainly through link-layer protocols that ensure one-hop connectivity, and network layer protocols that extend the connectivity to multiple hops (Yang, Luo, YE, Lu, & Zhang, 2004). Network Layer Security for MANET is concerned with the assurance that the routing message exchanged between nodes is consistent with the protocol specification, and the packet forwarding behavior of each node is consistent with its routing states. Network Layer Security for MANET can be classified into two categories:

Secure ad hoc routing protocols and

Secure packet forwarding protocols.

A routing protocol is needed whenever a packet needs to be transmitted to a destination; this protocol finds and establishes a route for packet delivery and delivers the packet to the correct destination (Taneja & Kush, 2010). Routing protocols can be broadly classified into two types:

Table Driven Protocols or Proactive Protocols and

On-Demand Protocols or Reactive Protocols

In Table Driven routing protocols, each node maintains one or more tables containing routing information to every other node in the network. Nodes keep updating their tables to maintain the latest view of the network. In the case of a highly dynamic network topology, a significant amount of resources is required to keep routing information up-to-date and reliable. Some existing proactive routing protocols are:

Destination Sequenced Distance Vector (DSDV),

Wireless Routing Protocol (WRP),

Global State Routing (GSR) and

Clusterhead Gateway Switch Routing (CGSR).

In On-Demand routing protocols, routes to destinations are created when required. When a transmission occurs from source to destination, it invokes the route discovery procedure. The route remains valid until the destination is reached or until the route is no longer needed (Taneja & Kush, 2010). Some of the existing on-demand routing protocols are:

Cluster Based Routing Protocol (CBRP),

Ad hoc On-Demand Distance Vector (AODV),

Dynamic Source Routing (DSR),

Temporally Ordered Routing Algorithm (TORA),

Associativity-Based Routing (ABR),

Signal Stability Routing (SSR) and

Location Aided Routing (LAR).

Ad hoc routing security is only a part of the network-layer security solution for MANET. A security solution should ensure that each node indeed forwards packets according to its routing table. It is possible for a malicious node to readily take part in the route discovery phase but fail to correctly forward data packets (Yang, Luo, YE, Lu, & Zhang, 2004). Therefore a security solution should also secure the packet forwarding operation.

2.9 Existing Security Models/Frameworks in MANET

Many security models have been proposed for Mobile Ad hoc networks in the literature. A few of these security frameworks are discussed below:

2.9.1 The resurrecting duckling

The Resurrecting Duckling security policy model (Stajano & Anderson, 1999) describes a bio-inspired phenomenon called imprinting: a duckling emerging from its egg recognizes as its mother the first moving object it sees that makes a sound, regardless of what it looks like. Likewise, a device, whose egg is the shrink-wrapped box that encloses it as it comes out of the factory, will recognize as its owner the first entity that sends it a secret key. This owner controls it, with the hardware of the device as the body and the software as the soul. As long as the soul stays in the body, the duckling remains alive and bound to the same mother to which it was imprinted. This bond is broken by death: thereupon, the soul dissolves and the body returns to its pre-birth state, with the resurrecting duckling ready for another imprinting that will start a new life with another soul. Allowing devices to be imprinted several times gives every malicious mobile device that has a very bad reputation and is being avoided the chance to leave the network and come back as a new user, since the network will see it in its pre-birth state.

2.9.2 Watchdog and Pathrater

Watchdog and Pathrater: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks (Marti, Giuli, Lai, & Baker, 2000) introduced two extensions to the Dynamic Source Routing algorithm (DSR) to mitigate the effects of routing misbehavior: the watchdog and the pathrater. The watchdog identifies misbehaving nodes, while the pathrater avoids routing packets through these nodes. When a packet is forwarded by a node, the node's watchdog confirms that the next node in the path also forwards the packet. If the next node does not forward the packet, then it is misbehaving. The pathrater then uses this information to choose the network route that is most likely to deliver packets. This approach was found not to punish malicious nodes that do not cooperate, but rather to relieve them of the burden of forwarding for others, while their own messages are forwarded without complaint. In this way, malicious nodes are rewarded and reinforced in their behavior.
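The watchdog and pathrater logic described above, as an added Python example that is not from the original essay or from Marti et al. The class names, the timeout, the failure threshold, the rating values and the two-route topology are all assumptions chosen for illustration.

```python
from dataclasses import dataclass, field

# All constants below are assumptions for illustration; the essay gives no values.
OVERHEAR_TIMEOUT = 2         # ticks to wait for the next hop's retransmission
FAILURE_THRESHOLD = 3        # missed retransmissions before a node is reported
NEUTRAL_RATING = 0.5         # rating of a node nothing is known about
MISBEHAVING_RATING = -100.0  # rating assigned once the watchdog reports a node


@dataclass
class Watchdog:
    """Runs on one node and checks that each next hop retransmits its packets."""
    pending: dict = field(default_factory=dict)   # (next_hop, packet_id) -> tick sent
    failures: dict = field(default_factory=dict)  # next_hop -> packets never overheard

    def sent(self, next_hop, packet_id, now):
        # Buffer the packet identity until the next hop is heard forwarding it.
        self.pending[(next_hop, packet_id)] = now

    def overheard(self, transmitter, packet_id):
        # Promiscuous listening caught the retransmission: clear the buffer entry.
        self.pending.pop((transmitter, packet_id), None)

    def tick(self, now):
        """Expire stale buffer entries; return nodes that just hit the threshold."""
        reported = set()
        for (hop, pid), sent_at in list(self.pending.items()):
            if now - sent_at >= OVERHEAR_TIMEOUT:
                del self.pending[(hop, pid)]
                self.failures[hop] = self.failures.get(hop, 0) + 1
                if self.failures[hop] == FAILURE_THRESHOLD:
                    reported.add(hop)
        return reported


@dataclass
class Pathrater:
    """Rates known nodes and picks the path most likely to deliver packets."""
    ratings: dict = field(default_factory=dict)

    def mark_misbehaving(self, node):
        self.ratings[node] = MISBEHAVING_RATING

    def path_metric(self, path):
        # Average rating of the nodes on the path.
        return sum(self.ratings.get(n, NEUTRAL_RATING) for n in path) / len(path)

    def choose(self, paths):
        # Highest metric wins; ties go to the shorter path.
        return max(paths, key=lambda p: (self.path_metric(p), -len(p)))


def simulate(packets=5):
    """Constructed scenario: S knows two routes to D and node B silently drops."""
    routes = [["S", "B", "D"], ["S", "C", "E", "D"]]
    droppers = {"B"}
    watchdog, pathrater = Watchdog(), Pathrater()
    used, now = [], 0
    for pid in range(packets):
        route = pathrater.choose(routes)
        next_hop = route[1]
        used.append(next_hop)
        watchdog.sent(next_hop, pid, now)
        if next_hop not in droppers:
            watchdog.overheard(next_hop, pid)  # honest next hop is heard forwarding
        now += OVERHEAR_TIMEOUT
        for node in watchdog.tick(now):
            pathrater.mark_misbehaving(node)
    return used, watchdog.failures, pathrater.choose(routes)


if __name__ == "__main__":
    print(simulate())
```

Nothing in this logic stops B's own traffic from being forwarded by the others, which is the weakness the paragraph above points out.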

2.9.3 Security Aware Ad Hoc Routing (SAR)

SAR (Yi, Naldurg, & Kravets, 2001) incorporates security attributes as parameters into ad hoc route discovery. The protocol was implemented using AODV and named SAODV. SAR ensures that RREQ packets can be processed or forwarded by a node only if the node has the required security, authorization or trust level. The AODV RREQ and RREP packets were modified to carry additional security information. The RREQ packet has an additional field called RQ_SEC_REQUIREMENT that indicates the required security for the route the sender wishes to discover, while the RREP packet has an additional field called RP_SEC_GUARANTEE that indicates the maximum level of security afforded by the path discovered. The destination node sends a RREP as in AODV. The value of the RQ_SEC_REQUIREMENT field in the RREQ packet is copied into the RP_SEC_GUARANTEE field of the RREP packet. Intermediate nodes on the reverse path that are allowed to participate update their routing tables as in AODV and also record the new RP_SEC_GUARANTEE, whose value indicates the maximum security available on the cached forward path. Issues not addressed by this protocol include how to handle key distribution, how the keys of the other nodes are known, what happens when a node leaves the group with the shared trust level, and how trust hierarchies are defined in the first place, especially for civilian applications. SAR relies on tamper-proof hardware. SAODV simulation showed that the performance impact is sustainable.
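The route discovery described above, as an added Python example that is not code from the essay or from the SAR authors. Only the field names RQ_SEC_REQUIREMENT and RP_SEC_GUARANTEE come from the text; the topology, the function name and the integer trust levels (which stand in for the key material that would enforce them) are assumptions, and the source is assumed to meet its own requirement.

```python
from collections import deque

# Constructed topology and trust levels (assumptions for illustration).
LINKS = {
    "S": ["A", "B"],
    "A": ["S", "D"],
    "B": ["S", "C"],
    "C": ["B", "D"],
    "D": ["A", "C"],
}
TRUST_LEVEL = {"S": 3, "A": 1, "B": 3, "C": 3, "D": 3}


def discover_route(links, trust_level, source, dest, required):
    """Flood an RREQ from source; return (path, routing_tables) or (None, {})."""
    rreq = {"src": source, "dst": dest, "RQ_SEC_REQUIREMENT": required}

    # Reverse-path pointers, set by the first RREQ copy a node accepts (as in AODV).
    reverse = {source: None}
    queue = deque([source])
    while queue:
        node = queue.popleft()
        if node == dest:
            break
        for neighbour in links[node]:
            if neighbour in reverse:
                continue  # duplicate RREQ, already handled
            if trust_level[neighbour] < rreq["RQ_SEC_REQUIREMENT"]:
                continue  # below the required level: may not process or forward
            reverse[neighbour] = node
            queue.append(neighbour)

    if dest not in reverse:
        return None, {}  # no path exists that satisfies the requirement

    # The destination answers with an RREP; the requirement is copied into it.
    rrep = {"src": dest, "dst": source,
            "RP_SEC_GUARANTEE": rreq["RQ_SEC_REQUIREMENT"]}

    # Walk the reverse path back to the source.
    path, node = [], dest
    while node is not None:
        path.append(node)
        node = reverse[node]
    path.reverse()

    # Each node on the path caches the forward route with the guarantee.
    tables = {}
    for hop, next_hop in zip(path, path[1:]):
        tables[hop] = {"dest": dest, "next_hop": next_hop,
                       "RP_SEC_GUARANTEE": rrep["RP_SEC_GUARANTEE"]}
    return path, tables


if __name__ == "__main__":
    for level in (1, 3, 4):
        print(level, discover_route(LINKS, TRUST_LEVEL, "S", "D", level))
```

Raising the requirement from 1 to 3 moves the route off the shorter path through the low-trust node A, and a requirement no node satisfies yields no route at all.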

2.9.4 Authenticated Routing For Ad Hoc Networks (ARAN)

ARAN (Sanzgiri, et al., 2002) uses cryptographic certificates to bring authentication, message-integrity and non-repudiation to the route discovery process. It uses public-key cryptographic mechanisms to defeat all identified attacks. ARAN simulates how it can secure routing in environments where nodes are authorized to participate but not trusted to cooperate, as well as environments where participants do not need to be authorized to participate. ARAN consists of a preliminary certification process followed by a route instantiation process that guarantees end-to-end authentication. The routing messages are authenticated end-to-end and only authorized nodes participate at each hop between source and destination.

2.9.5 ARIADNE: A Secure On-Demand Routing Protocol for Ad Hoc Networks

ARIADNE, (Hu, Perrig, & Johnson, 2002) withstands node compromise and relies only on highly efficient symmetric cryptography. It prevents attackers or compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes, and also prevents a large number of types of Denial-of-Service attacks. Ariadne can authenticate routing messages using one of three schemes: shared secrets between each pair of nodes, shared secrets between communicating nodes combined with broadcast authentication, or digital signatures. ARIADNE is based on the basic operation of the Dynamic Source Routing protocol (DSR). Simulation results showed that Ariadne delivers fewer packets than DSR at higher levels of mobility and also outperforms DSR at lower levels of mobility.

2.9.6 Cooperation Of Nodes: Fairness In Dynamic Adhoc NeTworks (CONFIDANT)

CONFIDANT (Buchegger & Le Boudec, 2002) extends the concepts of watchdog and pathrater (Marti, Giuli, Lai, & Baker, 2000). It detects and isolates misbehaving nodes, making it unattractive to deny cooperation, by informing other nodes of this misbehavior through reports sent around the network. Each node in the network hosts a monitor for observations, reputation records for first-hand and trusted second-hand reports, trust records to control the trust assigned to received warnings, and a path manager used by nodes to adapt their behavior according to reputation information. Dynamic Source Routing (DSR) was used as the base protocol. In this mechanism, misbehaving nodes are excluded not only from forwarding route replies, but also from sending their own route requests. The scheme includes a trust manager to evaluate the level of trust of alert reports and a reputation system to rate each node. Simulation results showed that the fortified network keeps the number of dropped packets fairly constant irrespective of the network size, whereas the defenseless network deteriorates significantly as the total number of nodes increases.

2.9.7 Nuglet Counter

Buttyan and Hubaux (2003) proposed a simple mechanism based on a counter in each node to stimulate cooperation among nodes for packet forwarding in a MANET. The security module maintains a counter, called the nuglet counter, which is decreased when the node wants to send a packet as originator and increased when the node forwards a packet. The value of the nuglet counter must remain positive, which means that if the node wants to send its own packets, then it must forward packets for the benefit of other nodes. The nuglet counter is protected from illegitimate manipulation by the tamper resistance of the security module.

2.9.8 Observation-based Cooperation Enforcement in Ad hoc Networks (OCEAN)

OCEAN (Bansal & Baker, 2003) was designed to reside between the network and MAC layers of the protocol stack, and it helps nodes make intelligent routing and forwarding decisions. It was designed on top of the Dynamic Source Routing Protocol (DSR). It is a scheme that relies exclusively on first-hand observations. While directly observed positive behavior increases the rating of a node, directly observed negative behavior decreases the rating by an amount larger than that. If the rating of a node is below the faulty threshold, the node is added to a ‘faulty list’. This faulty list is appended to the route request by each node broadcasting it to be used as a list of nodes to be avoided.
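The rating and faulty-list behaviour described above can be sketched as follows. This is an added example, not code from the essay or from the OCEAN authors; the step sizes, the threshold, the topology and the rule that a route is never extended through an avoided node are assumptions made for illustration.

```python
from collections import deque

POSITIVE_STEP, NEGATIVE_STEP = 1, 2   # assumed values; the penalty exceeds the reward
FAULTY_THRESHOLD = -4                 # assumed value

class OceanNode:
    def __init__(self, name):
        self.name = name
        self.rating = {}              # neighbour -> rating, first-hand observations only

    def observe(self, neighbour, forwarded):
        """Update a neighbour's rating from one directly observed forwarding event."""
        step = POSITIVE_STEP if forwarded else -NEGATIVE_STEP
        self.rating[neighbour] = self.rating.get(neighbour, 0) + step

    def faulty_list(self):
        return {n for n, r in self.rating.items() if r < FAULTY_THRESHOLD}

def discover_route(nodes, links, src, dst):
    """Flood a route request; each node handling it appends its faulty list to 'avoid'."""
    queue = deque([([src], nodes[src].faulty_list())])
    seen = {src}
    while queue:
        route, avoid = queue.popleft()
        here = route[-1]
        if here == dst:
            return route, sorted(avoid)
        for nxt in sorted(links[here]):
            if nxt in seen or nxt in avoid:
                continue              # assumed rule: never extend through an avoided node
            seen.add(nxt)
            queue.append((route + [nxt], avoid | nodes[nxt].faulty_list()))
    return None, []

def demo():
    # Constructed topology: S reaches D through M (2 hops) or through A and B (3 hops).
    links = {"S": {"M", "A"}, "M": {"S", "D"}, "A": {"S", "B"},
             "B": {"A", "D"}, "D": {"M", "B"}}
    nodes = {n: OceanNode(n) for n in links}
    before = discover_route(nodes, links, "S", "D")[0]
    # S sees M forward once and then drop three packets: 1 - 3*2 = -5, below -4.
    nodes["S"].observe("M", True)
    for _ in range(3):
        nodes["S"].observe("M", False)
    after, avoid = discover_route(nodes, links, "S", "D")
    return before, after, avoid
```

Because the penalty is twice the reward, a node that alternates between forwarding and dropping still drifts toward the faulty list instead of holding a neutral rating.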

2.9.9 AODV-SEC

AODV-SEC (Eichler & Roman, 2006) is an improved version of the SAODV protocol (Yi, Naldurg, & Kravets, 2001). It is an extension to the AODV protocol and uses certificates and a public key infrastructure as its trust anchor. It has a controller module that detects the security extensions and runs the respective mechanisms to verify or secure the packet. It was simulated on the NS-2 simulator and its performance was compared with AODV. In terms of end-to-end delay, AODV-SEC performs well with few source nodes, almost as well as regular AODV, but increasing the number of sources leads to a rather large increase in the end-to-end delay. The normalized routing load (NRL) shows equivalent results, and the two protocols have almost the same route acquisition times.

2.9.10 FELLOWSHIP

FELLOWSHIP (Balakrishnan, Varadharajan, & Tupakula, 2006) is an obligation-based model that defends against flooding and packet drop attacks by both malicious and selfish nodes. The architecture comprises three components: a rate-limitation component, an enforcement component and a restoration component. Rate limitation minimizes flooding attacks, the enforcement component reduces packet drop attacks, and the restoration component resolves the ambiguity between intentional and accidental packet drops. The Fellowship model is enforced at every node, and each incoming packet has to pass through the three components before being sent out. The model did not present a simulation result to evaluate its performance.

2.9.11 Trust Based Energy Aware AODV (TEA-AODV)

(Pushpalatha, Venkataraman, & Ramarao, 2009) proposed a trust based energy aware routing model for MANETs. During route discovery, the node with more trust and maximum energy capacity is selected as a router based on a parameter called ‘Reliability’. A route request from the source is accepted by a node only if its reliability is high; otherwise, the route request is discarded. The two main parameters that make the routing algorithm more reliable are the trust value and the battery capacity of each node. The trust value of each node is evaluated from parameters such as the length of the association, the ratio of the number of packets forwarded successfully by the neighbours to the total number of packets sent to that neighbour, and the average time taken to respond to a route request. The trust value is initially set to zero and is incremented according to how many packets are successfully transmitted from one node to another. Initially every node has full battery capacity, say 100%, which is assigned to the current energy. On each transmission or reception of a data packet, the remaining energy is found by subtracting the consumed energy from the current energy, and if the remaining energy falls below 50%, that node will not act as a router to forward packets.

When two or more route requests with the same source and the same broadcast id reach the destination over different paths, the destination selects the most reliable path by computing the average reliability. Average reliability is the cumulative reliability divided by the number of hops. If the average reliability of one path is greater than that of another path, that path is selected and the route reply is sent by the destination along that path to the source. The source receives the new path, sends the packet along that reliable path and records the path for future use. The protocol was simulated in OPNET, and results showed that TEA-AODV experienced a high end-to-end delay, because route selection is based on trust and energy level rather than on the minimum number of hops, but that the number of packets dropped is minimal compared to conventional AODV. The number of packets dropped is 50% more in conventional AODV. In TEA-AODV, packet drops can be reduced to 0% if the mobility of nodes is predicted in the algorithm.
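The route selection described in the two paragraphs above can be sketched as follows. This is an added example, not code from the essay or from the TEA-AODV authors; the reliability formula, the 0.5 acceptance cut-off, the treatment of a direct path and the node values are assumptions, and only the 50% energy floor and the average-reliability rule come from the text.

```python
ENERGY_FLOOR = 50.0     # from the text: below 50% a node no longer acts as a router
MIN_RELIABILITY = 0.5   # assumed cut-off for "reliability is high"

class Node:
    def __init__(self, forwarded, received, energy=100.0):
        self.forwarded, self.received, self.energy = forwarded, received, energy

    def reliability(self):
        # Assumed formula: equal weight on forwarding ratio (trust) and remaining energy.
        trust = self.forwarded / self.received if self.received else 0.0
        return 0.5 * trust + 0.5 * self.energy / 100.0

    def accepts_rreq(self):
        return self.energy >= ENERGY_FLOOR and self.reliability() >= MIN_RELIABILITY

    def consume(self, percent):
        """Subtract the energy used by one transmission or reception."""
        self.energy = max(0.0, self.energy - percent)

def average_reliability(path, nodes):
    """Cumulative reliability of the routers on the path divided by their number."""
    routers = path[1:-1]
    if not routers:
        return 1.0      # assumed: a direct path has no intermediate router to rate
    return sum(nodes[r].reliability() for r in routers) / len(routers)

def select_path(candidates, nodes):
    """Destination-side choice among route requests that every router accepted."""
    usable = [p for p in candidates
              if all(nodes[r].accepts_rreq() for r in p[1:-1])]
    if not usable:
        return None
    return max(usable, key=lambda p: average_reliability(p, nodes))

def build_demo():
    # Constructed values: (packets forwarded, packets received, energy %).
    nodes = {"A": Node(90, 100, 45.0),    # trusted but below the energy floor
             "B": Node(80, 100, 90.0), "C": Node(60, 100, 80.0),
             "E": Node(95, 100, 100.0), "F": Node(50, 100, 80.0)}
    candidates = [["S", "A", "D"], ["S", "B", "C", "D"], ["S", "E", "F", "D"]]
    return nodes, candidates
```

With these values the shortest path through A is never offered because A is below the energy floor, which is the source of the extra end-to-end delay the simulation reports.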

2.9.14 Energy based Trust solution for Detecting Selfish Nodes in MANET using Fuzzy logic

(Vijayan, Mareeswari, & Ramakrishna, 2011) proposed an energy utilization based approach that uses fuzzy logic to evaluate trust for detecting the misbehaviour of a selfish node in a MANET. Every node in the network monitors the behaviour of its neighbours, and if any abnormal action is detected, it invokes an algorithm to determine whether the suspected node is indeed malicious. The proposed mechanism builds trust in the network through the interactions among security components running on each node. These components are the Supervisor, Aggregator, Trust calculator and Disseminator.

The Supervisor module monitors neighbours by passively listening to their communication. The Aggregator module collects all the details of the communication that has already happened, which can be used to calculate the number of packets dropped. The trust level of a node is determined by the percentage of packets dropped. This percentage is treated as a fuzzy input variable, and the output of the algorithm is the trust level of the node. The Disseminator module uses the mobility of the nodes to disseminate trust values. Each node holds the direct trust value of all remaining nodes as well as the indirect, or recommended, trust value. By aggregating these two values, a node calculates the total trust value of the target node. The model was simulated using Network Simulator-2 with the DSR routing protocol as the base protocol. It was observed that the packet delivery ratio decreases as the degree of selfishness increases, and that throughput is inversely proportional to the number of selfish nodes. The energy increases as time increases, whether the network consists of trusted nodes or selfish nodes.

2.9.15 Trust Based Reliable AODV [TBRAODV]

TBRAODV (Subramanian & Ramachandran, 2012) implements a trust value for each node. A trust value is calculated for every node, and based on that value a node is either allowed to participate in routing or identified as a misbehaving node. The trust level calculation is based on the success or failure of the RREQ, RREP and data packets. The trust level is calculated for each node during routing and is checked against the threshold value (assumed to be 5). If it is less than the threshold, the node may be marked as a misbehaving node for the current transmission and will not be suitable for further routing, and an alternate path is selected for routing. The protocol was simulated using NS-2, and performance analysis showed that the packet delivery ratio is increased and delay is reduced compared to general AODV, while throughput is maintained.

2.10 Trust Management

Trust is a complex concept and has many meanings (Bruce, 2012). Trust and reputation management has recently become a very useful and powerful tool in virtual communities where users do not know each other at all or, at least, do not know everyone. The distinction between a trust model and a reputation model is not always clear. In most reputation systems the reputation value is a metric for trust. A node with a good reputation behaves very well and is thus trustworthy, while nodes with a bad reputation are uncooperative and not trustworthy.

According to the observation in (Marmol & Perez, 2009), most of the current trust and reputation models in the literature follow these four general steps, which are further illustrated in figure 2.3 below:

1. Collecting information about a certain participant in the community by asking other users their opinions or recommendations about that peer.

2. Aggregating all the received information properly and somehow computing a score for every peer in the network.

3. Selecting the most trustworthy or reputable entity in the community providing a certain service and effectively having an interaction with it, assessing a posteriori the satisfaction of the user with the received service.

4. According to the satisfaction obtained, a last step of punishing or rewarding is carried out, adjusting consequently the global trust (or reputation) deposited in the selected service provider.
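The four steps above can be run as one feedback loop, as in the following sketch. This is an added example, not code from the essay or from Marmol and Perez; the class and function names, the neutral starting trust of 0.5, the equal weighting of local trust and recommendations, the reward and punishment sizes and the sample opinions are all assumptions.

```python
class ReputationModel:
    REWARD, PUNISH = 0.1, 0.3            # assumed adjustment sizes

    def __init__(self, providers):
        self.trust = {p: 0.5 for p in providers}   # assumed neutral starting trust

    def collect(self, provider, opinions):
        """Step 1: gather other users' opinions (0..1) about one provider."""
        return [o[provider] for o in opinions if provider in o]

    def aggregate(self, provider, received):
        """Step 2: combine the recommendations with the locally held trust value."""
        if not received:
            return self.trust[provider]
        recommended = sum(received) / len(received)
        return 0.5 * self.trust[provider] + 0.5 * recommended   # assumed equal weights

    def select(self, opinions):
        """Step 3: choose the provider with the highest aggregated score."""
        scores = {p: self.aggregate(p, self.collect(p, opinions)) for p in self.trust}
        return max(sorted(scores), key=scores.get)

    def feedback(self, provider, satisfied):
        """Step 4: reward or punish according to the satisfaction obtained."""
        delta = self.REWARD if satisfied else -self.PUNISH
        self.trust[provider] = min(1.0, max(0.0, self.trust[provider] + delta))

def run_rounds(rounds):
    # Constructed opinions: two recommenders overrate P_bad, one reports accurately.
    opinions = [{"P_bad": 1.0, "P_good": 0.2},
                {"P_bad": 1.0, "P_good": 0.2},
                {"P_bad": 0.1, "P_good": 0.9}]
    delivers = {"P_bad": False, "P_good": True}    # actual service quality
    model = ReputationModel(delivers)
    chosen = []
    for _ in range(rounds):
        pick = model.select(opinions)
        chosen.append(pick)
        model.feedback(pick, delivers[pick])
    return chosen, model.trust
```

In this run the inflated recommendations win the first selection, and a single punished interaction is enough for the local trust value to outweigh them from the second round on.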

Trust is the firm belief in the competence of an entity to act dependably, securely and reliably within a specified context (Kagal, Undercoffer, Perich, Joshi, & Finin, 2002) (Kagal, Finin, & Joshi, 2001). The concept of trust management was first introduced by (Blaze, Feigenbaum, & Lacy, 1996) who defined it as "a unified approach to specifying and interpreting security policies, credentials and relationships that allows direct authorization of security-critical actions" (Blaze, Feigenbaum, Ioannidis, & Keromytis, 1999).


