March 8

MARCH ISSN: 2321-8134

IJFEAT
INTERNATIONAL JOURNAL FOR ENGINEERING APPLICATIONS AND TECHNOLOGY
A Security-Aware Routing Protocol for Wireless Ad Hoc Networks
Mohammad Usman1, Achal Pimpare2, Akanksha Upate3, Darshan Sharma4

1 Student, Computer Science & Engineering, J.D.I.E.T Yavatmal, India, uv.usman@gmail.com
2 Student, Computer Science & Engineering, J.D.I.E.T Yavatmal, India, aachal224@gmail.com
3 Student, Computer Science & Engineering, J.D.I.E.T Yavatmal, India, akankshaupate7@gmail.com
4 Student, Computer Science & Engineering, J.D.I.E.T Yavatmal, India, dssharma6819@gmail.com

Abstract
In this paper we propose a new routing technique called Security-Aware ad hoc Routing that incorporates security attributes as parameters into ad hoc route discoveries. Security-Aware ad hoc Routing (SAR) enables the use of security as a negotiable metric to improve the relevance of the routes discovered by ad hoc routing protocols. Existing secure routing protocols include Ariadne, the Secure Ad hoc On-demand Distance Vector routing protocol (SAODV), the Security Aware Routing Protocol (SAR), Secure Efficient Distance Vector Routing (SEAD), Securing the Destination Sequenced Distance Vector Routing Protocol (SDSDV), the Secure Link State Routing protocol (SLSP), the On-Demand Secure Routing Protocol Resilient to Byzantine Failures, Authenticated Routing for Ad-hoc Networks (ARAN), and Secure Position Aided Ad hoc Routing (SPAAR). We survey the implementation of a two-tier classification of routing protocol security metrics, and propose an architecture to measure and enforce security attributes on ad hoc routing paths. Our framework enables different applications to adapt their behaviour according to the level of protection available on communicating nodes in an ad hoc network. Mobile ad hoc networks (MANETs) have several advantages compared to traditional wireless networks. These include ease of deployment, speed of deployment and decreased dependency on a fixed infrastructure. There have been many studies in this area to improve the quality and efficiency of the routing protocols in MANETs. However, unique characteristics of a MANET such as its open peer-to-peer architecture, dynamic network topology, shared wireless medium and limited resources (battery, memory and computation power) pose a number of non-trivial challenges to security design.

Index Terms: Byzantine failures; secure routing; active attacks; passive attacks; wormhole attack; ad hoc networks; etc.
--------------------------------------------------------------------- *** ------------------------------------------------------------------------

1. INTRODUCTION

Wireless ad hoc networks have been proposed to support dynamic scenarios where no wired infrastructure exists. Most ad hoc routing protocols are cooperative by nature [1], and rely on implicit trust-your-neighbour relationships to route packets among participating nodes. This simple trust model allows malicious nodes to paralyze an ad hoc network by inserting erroneous routing updates, replaying old routing information, altering routing updates, or advertising incorrect routing information [2], [3]. While these attacks are possible in fixed networks as well, the nature of the ad hoc environment magnifies their effects and makes their detection difficult [4].

The characteristics of an ad hoc network demand new metrics for routing. Traditionally, distance (measured in hops) is used as the metric in most ad hoc route-discovery algorithms (e.g., AODV [5], DSR [6], TORA [7] etc.). The use of other metrics (e.g., geographic location [8], signal stability [9] etc.) can improve the quality and the relevance of the routes discovered for particular applications and configurations. In the same way, we examine the use of different security attributes to improve the quality of the security of an ad hoc route. In this paper, we present “Security-Aware ad-hoc routing (SAR)”, an approach to routing that incorporates security levels of nodes into traditional routing metrics. Our aim is to distinguish and explicitly represent the trust values and trust relationships associated with ad hoc nodes and use these values to make routing decisions.

In addition to determining a safe route, the data in the routing messages must also be protected against alteration that can change routing behaviour. In this paper, we analyse the security of ad hoc routing algorithms with respect to the protection associated with the transmission of routing messages. We identify the attributes of a secure route and define appropriate metrics to quantify the “level of security” associated with protocol messages. These metrics are adapted from their equivalents in the security of wired routing protocols.

In the rest of this paper, we present our motivation and the generalized SAR protocol for secure route discovery, update, and propagation. We then briefly describe our threat model, develop an attack classification, and validate our protocol against this model. Finally, we describe our experimental test bed and present our simulation results and conclusions.

2. ISSUES IN SECURING

An ad hoc network can be set up where support from wireless access points or a wired backbone is not workable. An ad hoc wireless network does not have any predefined infrastructure, and all network services are configured and generated on the fly. With no infrastructure support and with wireless links that are susceptible to attack, security is an inherent weakness of ad hoc networks. Achieving security within a MANET is challenging for the following reasons.

2.1 Dynamic Topologies and Membership
The topology of an ad hoc network is very dynamic, as the mobility and membership of nodes change randomly and rapidly. Security solutions therefore need to be dynamic as well.

2.2 Vulnerable wireless link
Passive and active link attacks such as spoofing, denial of service, masquerading, eavesdropping and impersonation are possible.

2.3 Roaming in dangerous environment
Any malicious or misbehaving node can launch a hostile attack or prevent all other nodes from providing any service.

3. MAIN ISSUES FOR PROVIDING SECURITY IN MANET

3.1 Identification issue
Nodes having access to the common radio link can easily participate in setting up the ad hoc infrastructure. But secure communication among nodes requires a secure communication link.

• Before establishing a secure communication link, a node should be able to identify the other node. As a result, a node needs to provide its identity as well as associated credentials to the other node.

• The delivered identity and credentials need to be authenticated and protected so that the authenticity and integrity of the delivered identity and credentials cannot be questioned by the receiving node.

3.2 Privacy Issue
The identification issue simultaneously leads to a privacy issue for a Mobile Ad hoc Network (MANET). A mobile node uses different types of identities, which vary from link level to user level. Also, in a mobile environment a mobile node is very frequently not ready to reveal its identity or credentials to another mobile node, for privacy reasons. Any compromised identity lets an attacker create a privacy threat to the user device. Unfortunately the current mobile standards do not provide any location privacy, and in many cases revealing identity is inevitable in order to establish a communication link. Therefore seamless privacy protection is required to harness the usage of ad hoc networking.

4. SECURED ROUTING PROTOCOLS
ARAN (Authenticated Routing for Ad hoc Networks)

4.1 Introduction
The ARAN secure routing protocol is an on-demand routing protocol that detects and protects against malicious actions carried out by third parties and peers in the ad hoc environment. ARAN (Authenticated Routing for Ad hoc Networks) introduces message integrity, non-repudiation and authentication as part of a minimal security policy for the ad hoc environment. It consists of a preliminary certification procedure, a compulsory end-to-end authentication stage and an optional second stage that provides secure shortest paths.

Fig-1. Routing Paths in MANET

4.2 Operation
ARAN requires the use of a trusted certificate server (T): before entering the ad hoc network, every node has to request a certificate signed by the trusted certificate server (T). The certificate includes the IP address of the node, a timestamp of when the certificate was created, and a time at which the certificate expires, along with the signature by T and its public key. Every node is supposed to maintain fresh certificates with the trusted server and must know the trusted certificate server’s public key. The aim of the first stage of the ARAN protocol is for the source to verify that the intended destination was reached.

As with any secure system based on cryptographic certificates, the key cancellation issue has to be addressed in order to make sure that expired or revoked certificates do not allow the holder to use the network. In Authenticated Routing for Ad hoc Networks, when a certificate needs to be cancelled, the trusted certificate server T sends a broadcast message to the ad hoc group that announces the cancellation. Any node receiving this message rebroadcasts it to its neighbors. Cancellation notices need to be stored until the revoked certificate would have expired normally. Any neighbor of the node with the revoked certificate needs to reform routing as necessary to avoid transmission through the now doubtful node. This method is not failsafe. In a few cases, the doubtful node that is having its

certificate revoked may be the sole connection between two parts of the ad hoc network. In this case, the doubtful node might not forward the notice of revocation for its certificate, resulting in a separation of the network: nodes that have accepted the cancellation notice will no longer forward messages through the doubtful node, while other nodes depend on it to reach the rest of the network. This only lasts as long as the doubtful node's certificate would have otherwise been valid, or until the doubtful node is no longer the sole connection between the two partitions. At the time that the cancelled certificate should have expired, the doubtful node is unable to renew the certificate, and routing over that node terminates. Additionally, to identify this situation and to hasten the propagation of revocation notices, when a node meets a new neighbor, it can exchange a summary of its revocation notices with that neighbor; if these summaries do not match, the original signed notices can be forwarded and re-broadcast to restart propagation of the notice.

4.3 In nutshell
• The ARAN protocol protects against exploits using impersonation, modification and fabrication.

• ARAN's use of asymmetric cryptography makes it a very costly protocol to use in terms of CPU and energy usage.

• ARAN is not immune to the wormhole attack.

5. SECURITY SERVICES IN WIRELESS AD HOC NETWORK

In order to assure reliable data transfer over communication networks and to protect system resources, various security services are required. Based on their objectives, the security services are classified into five categories: availability, confidentiality, authentication, integrity and non-repudiation.

• Availability: Availability implies that the requested services (e.g. bandwidth and connectivity) are available in a timely manner even though there is a potential problem in the system. Availability of a network can be degraded, for example, by packet dropping and by resource depletion attacks.

• Confidentiality: Confidentiality ensures that classified information in the network is never disclosed to unauthorized entities. Confidentiality can be achieved by using different encryption techniques so that only the legitimate communicating nodes can analyse and understand the transmission. The content disclosure attack and the location disclosure attack reveal the contents of the message being transmitted and physical information about a particular node, respectively.

• Authenticity: Authenticity is a network service to determine a user’s identity. Without such verification, an attacker can impersonate any node and in this way, node by node, gain control over the entire network.

• Integrity: Integrity guarantees that information passed between nodes has not been tampered with in transmission. Information can be modified both intentionally and accidentally (for example through hardware glitches, or in the case of ad hoc wireless connections through interference).

• Non-repudiation: Non-repudiation ensures that the data originator cannot deny having sent the data. This service is useful for the detection and isolation of compromised nodes in the network. Various authentication and secure routing algorithms implemented in ad hoc networks rely on trust-based concepts. The fact that a message can be attributed to a specific node helps make these algorithms more secure.

6. PROTOCOL

For simplicity, we assume that the base protocol is an on-demand protocol similar to AODV or Dynamic Source Routing. In the base protocol, when a node wants to communicate with a different node, it broadcasts a Route Request (RREQ) packet to its neighbours. The RREQ is propagated to neighbours of neighbours and so on, using controlled flooding. The RREQ packets set up a reverse path to the source of the RREQ on the intermediate routers that forward this packet. If any intermediate node already has a path to the RREQ destination, then the intermediate node replies with a Route Reply (RREP) packet, using the reverse path to the source. Otherwise, if there exists a route (or connectivity) in the ad hoc network, the route request packet will finally reach the intended destination. The destination node generates an RREP packet, and the reverse path is used to set up a route in the forward direction.

In SAR, we embed our security metric into the RREQ packet, and change the forwarding behaviour of the protocol with respect to RREQs. Intermediate nodes receive an RREQ packet with a particular security metric or trust level. SAR ensures that a node can only process the packet or forward it if the node itself can provide the required security or has the required authorization or trust level. If the node cannot provide the required security, the RREQ is dropped. If an end-to-end path with the required security attributes can be found, a suitably modified RREP is sent from an intermediate node or the eventual destination. SAR can be implemented on top of any on-demand ad hoc routing protocol with suitable modification. In this paper, we use AODV as our platform to implement SAR.

Table-1: Protocols

| Protocols | Secret key | MAC | Assumption | Verification mechanism |
|---|---|---|---|---|
| Ariadne | Secret MAC keys | MAC Kad | Nodes have loosely synchronized clocks | MAC verification mech. |
| SAODV | Public and private key | - | Network should have a key distribution system | Digital signature verification mech. |
| SEAD | Initial secret key | - | Secure way of delivering initial secret key kN | Hash chain verification |
| SRP | SA between source and destination | MAC KST | Source way of delivering the SA | MAC verification mechanism |
| ARAN | Public and private key | - | Trusted certificate server | Public key cryptography verification mech. |

7. BEHAVIOUR

Our modification to the traditional ad hoc routing protocol changes the nature of the routes discovered in an ad hoc network. The route found by SAR between two communicating entities may not be the shortest route in terms of hop count. However, SAR is able to find a route with a quantifiable assurance of security. If one or more routes that satisfy the required security attributes exist, SAR will find the shortest such route. If all the nodes on the shortest path (in terms of hop count) between two nodes can satisfy the security requirements, SAR will find routes that are optimal. But if the ad hoc network does not have a path with nodes that meet the RREQ’s security demands, SAR may fail to discover a route even if the network is connected.

8. PROTOCOL METRICS

In this subsection, we enumerate different techniques to measure or specify the quality of security of a route discovered by our generalized SAR protocol. The first technique is the explicit representation of trust levels using a simple hierarchy that reflects organizational privileges. The next subsection enumerates the different techniques used to protect the integrity of routing messages in fixed-routing protocols.

Table-2: Secure ad hoc network: properties

| Property | Techniques |
|---|---|
| Timeliness | Timestamp |
| Ordering | Sequence Number |
| Authenticity | Password, Certificate |
| Authorization | Credential |
| Integrity | Digest, Digital Signature |
| Confidentiality | Encryption |
| Non-repudiation | Chaining of Digital Signature |

9. CONCLUSION

Achieving a secure routing protocol is an important task that is challenged by the unique characteristics of an ad hoc wireless network. Traditional routing protocols fail to provide security, and rely on an implicit trust between communicating nodes. In this paper we discuss security services and challenges in an ad hoc wireless network environment. We examine and classify major routing attacks and present a comprehensive survey of the state-of-the-art mechanisms and solutions designed to defeat such attacks. A summary of the secure routing mechanisms surveyed is presented in Table 1. The current security mechanisms each defeat one or a few routing attacks. Designing routing protocols resistant to multiple attacks remains a challenging task.

10. GLOSSARY
• MANET - Mobile Ad hoc Network
• ARAN - Authenticated Routing for Ad hoc Networks
• SRP - Secure Routing Protocol
• MAC - Message Authentication Code
• SEAD - Secure Efficient Ad-hoc Distance Vector protocol
• ARIADNE - A Secure On-Demand Routing Protocol for Ad Hoc Networks
• DSR - Dynamic Source Routing
• RREP - Route Reply
• RREQ - Route Request
• SAODV - Secure Ad hoc On Demand distance Vector

11. REFERENCES
[1] E. M. Royer and C-K Toh, “A Review of Current Routing Protocols for Ad-Hoc Mobile Wireless Networks,” IEEE Personal Communications, Apr. 1999.
[2] L. Zhou and Z. J. Haas, “Securing Ad Hoc Networks,” IEEE Network Magazine, Nov. 1999.
[3] S. Marti and T. Giuli and K. Lai and M. Baker, “Mitigating Routing Misbehavior in Mobile ad hoc networks,” in The Sixth Annual ACM/IEEE International Conference on Mobile Computing and Networking, Boston, MA, USA, Aug. 2000.
[4] Y. Zhang and W. Lee, “Intrusion Detection in Wireless Ad-Hoc Networks,” in The Sixth Annual ACM/IEEE Conference on Mobile Computing and Networking, Boston, MA, USA, Aug. 2000.


[5] C. E. Perkins and E. M. Royer, “Ad-hoc On-Demand Distance Vector Routing,” in The Second IEEE Workshop on Mobile Computing Systems and Applications, New Orleans, LA, USA, Feb. 1999.
[6] J. Broch and D. B. Johnson, “The Dynamic Source Routing Protocol for Mobile Ad Hoc Networks,” IETF Internet Draft, October 1999.
[7] V. D. Park and M. S. Corson, “A Highly Adaptive Distributed Routing Algorithm for Mobile Wireless Networks,” in The 16th Annual Joint Conference of the IEEE Computer and Communications Societies, Kobe, Japan, Apr. 1997.
[8] Y. Ko and N. H. Vaidya, “Location-Aided Routing (LAR) in Mobile Ad Hoc Networks,” in The Fourth Annual ACM/IEEE International Conference on Mobile Computing and Networking, Dallas, TX, USA, Oct. 1998.
[9] R. Dube and C. D. Rais and Kuang-Yeh Wang and S. K. Tripathi, “Signal stability-based adaptive routing (SSA) for ad hoc mobile networks,” IEEE Personal Communications, Feb. 1997.
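
The certificate cancellation handling described in section 4.2, as an added example that is not code from the paper or from ARAN: each node keeps cancellation notices until the revoked certificate would have expired, and compares notice summaries when it meets a new neighbour. The `Cert`, `Node` and `meet` names, the SHA-256 summary and the sample address and timestamps are assumptions made for illustration; verification of T's signature is assumed to have happened before a notice is stored.

```python
import hashlib
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Cert:
    """ARAN certificate fields named in section 4.2 (public key and T's
    signature omitted; assume the signature was already verified)."""
    ip: str
    created: int   # timestamp of when T created the certificate
    expires: int   # time at which the certificate expires

@dataclass
class Node:
    notices: dict = field(default_factory=dict)  # (ip, created) -> expires

    def receive_notice(self, cert):
        """Store a cancellation notice (assumed verified as signed by T)."""
        self.notices[(cert.ip, cert.created)] = cert.expires

    def prune(self, now):
        """Keep a notice only until the revoked certificate would have expired."""
        self.notices = {k: e for k, e in self.notices.items() if e > now}

    def summary(self):
        """Digest of stored notices, exchanged when a new neighbour is met."""
        text = ";".join(f"{ip},{t}" for ip, t in sorted(self.notices))
        return hashlib.sha256(text.encode()).hexdigest()

    def accepts(self, cert, now):
        """Usable only if inside its validity window and not revoked."""
        in_window = cert.created <= now < cert.expires
        return in_window and (cert.ip, cert.created) not in self.notices

def meet(a, b, now):
    """Compare summaries; on mismatch forward the notices the peer lacks.
    Returns how many notices were forwarded in total."""
    a.prune(now)
    b.prune(now)
    if a.summary() == b.summary():
        return 0
    forwarded = 0
    for src, dst in ((a, b), (b, a)):
        for key, exp in list(src.notices.items()):
            if key not in dst.notices:
                dst.notices[key] = exp
                forwarded += 1
    return forwarded

def partition_scenario():
    """Constructed case: the notice reached only one side of a partition."""
    revoked = Cert("10.0.0.7", created=100, expires=500)
    left, right = Node(), Node()
    left.receive_notice(revoked)
    before = right.accepts(revoked, now=200)   # right still trusts the cert
    forwarded = meet(left, right, now=210)     # summaries differ -> resync
    after = right.accepts(revoked, now=220)
    left.prune(now=500)                        # notice no longer needed
    return before, forwarded, after, len(left.notices)
```

Until the two sides meet, the node that missed the broadcast keeps accepting the revoked certificate, which is the window the summary exchange is meant to shorten.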

http://www.ijfeat.org (C) International Journal For Engineering Applications and Technology[34-38]
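
The RREQ forwarding rule of sections 6 and 7, as an added example (not the authors' AODV-based implementation): a breadth-first flood over a constructed five-node topology in which any node whose trust level is below the level carried in the RREQ drops it. The topology, the integer trust levels and the `discover_route` function are assumptions, and route caches at intermediate nodes are ignored.

```python
from collections import deque

# Constructed topology (not from the paper): node -> neighbours in radio range.
LINKS = {
    "S": ["A", "B"],
    "A": ["S", "D"],
    "B": ["S", "C"],
    "C": ["B", "D"],
    "D": ["A", "C"],
}
# Constructed trust hierarchy: a higher number means a more privileged node.
TRUST = {"S": 3, "A": 1, "B": 3, "C": 2, "D": 3}


def discover_route(src, dst, required_level=0, links=LINKS, trust=TRUST):
    """Flood an RREQ from src; return (path, dropped_at).

    required_level is the security metric carried in the RREQ. A node whose
    trust level is below it drops the RREQ instead of processing or
    forwarding it; required_level=0 gives plain hop-count discovery.
    path is None when no RREQ reaches dst. src is assumed to meet its own
    requirement.
    """
    seen = {src}        # each node handles a given RREQ once (controlled flooding)
    reverse = {}        # reverse path set up by the RREQ: node -> previous hop
    dropped_at = []
    queue = deque([src])
    while queue:
        node = queue.popleft()
        for nbr in links[node]:
            if nbr in seen:
                continue
            seen.add(nbr)
            if trust[nbr] < required_level:
                dropped_at.append(nbr)      # cannot provide the required security
                continue
            reverse[nbr] = node
            if nbr == dst:                  # RREP travels back along reverse path
                path = [dst]
                while path[-1] != src:
                    path.append(reverse[path[-1]])
                return path[::-1], dropped_at
            queue.append(nbr)
    return None, dropped_at


if __name__ == "__main__":
    for level in (0, 2, 3):
        print(level, discover_route("S", "D", required_level=level))
```

With a required level of 2 the route avoids the low-trust node at the cost of one extra hop; with level 3 discovery fails although the network is connected.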
