scispace - formally typeset
Search or ask a question
Journal ArticleDOI

ITCA, an IDS and Trust Solution Collaborated with ACK Based Approach to Mitigate Network Layer Attack on MANET Routing

01 Jul 2019-Wireless Personal Communications (Springer US)-Vol. 107, Iss: 1, pp 393-416
TL;DR: The proposed consolidated approach, IDS and Trust solution Collaborated with Ack based approach (ITCA), performs identification of attack, isolation of misbehaving nodes and control behavior of nodes in the network, which enables the routing process to be more robust by resisting the malicious nodes from being the part of a route, avoid attack formation and thus supports to improve the efficiency.
Abstract: The feature of Dynamic topology configuration of MANET reciprocates the security constraints and bring in many security threats that hamper the routing and time bound delivery of packets. Many security schemes had been proposed to secure MANET routing and improve its efficiency. The solutions proposed by existing systems are defined in one dimension so that the targeted attack can be fixed up, but that might create flaws in other dimension or introduce new attack. So it is necessary to create a multidimensional solution that empowers the routing process to become inherently secure rather than defending one particular attack. The selfish or maliciously behaving nodes in the network are the key players in launching the attacks and disrupting the routing process. In this paper, the proposed consolidated approach named, IDS and Trust solution Collaborated with Ack based approach (ITCA), performs identification of attack, isolation of misbehaving nodes and control behavior of nodes in the network. This enables the routing process to be more robust by resisting the malicious nodes from being the part of a route, avoid attack formation and thus supports to improve the efficiency. Even though the malicious nodes are isolated, the proposed method allows them to be sender for transmitting their own data, but under controlled environment defined by IDS so that the attempt to launch DOS attack can be avoided. The reconsideration of isolated node that to under controlled IDS environment in collaboration with Trust and improved ACK based scheme is key behind proposed multidimensional method, ITCA. Further the method is integrated with AODV and extensive experimentation is done based on raising number of malicious nodes in the network to measure its effectiveness and efficiency.
Citations
More filters
Journal ArticleDOI
TL;DR: An intrusion detection system called ‘Accurate and Cognitive Intrusion Detection System’ (ACIDS) for detecting the most vulnerable packet dropping attack known as black hole attack has been developed and the results attest to the efficacy of ACIDS over AODV routing protocol in detecting packet dropping scenarios of the black holes attack.
Abstract: Mobile Ad-hoc Network (MANETs) is infrastructure less in nature as it is encompassed with a collection of mobile nodes. The self-configurable feature of it has proven to be beneficial in times of disaster relief and rescue operations as the mobile nodes can be effortlessly deployed regardless of the geographical location. In this network, communication take place with the aid of several cooperative routing protocols such as AODV, DSDV, DSR etc., Due to the lack of a centralized administration, the network is prone to copious routing attacks. In this paper, an intrusion detection system called ‘Accurate and Cognitive Intrusion Detection System’ (ACIDS) for detecting the most vulnerable packet dropping attack known as black hole attack has been developed. This system takes the parameters such as Destination Sequence Number (DSN) and Route Reply (RREP) into consideration for detecting the intruders by identifying the deviation of the chosen parameters from the normal behavior. The proposed system has been simulated using NS2 and the analysis of the results attest to the efficacy of ACIDS over AODV routing protocol in detecting packet dropping scenarios of the black hole attack.

22 citations

Journal ArticleDOI
TL;DR: In this article, a trust-aware intrusion detection and prevention system (TA-IDPS) is proposed for protecting the network from adversaries, which consists of a MANET, a cloudlet and a cloud service layer.
Abstract: 5G-based mobile ad hoc networks with cloud are a new paradigm that combines several real-world applications. Routing and security are current issues in MANETs. Security is highly important in MANET and cloud environments for preventing harmful attacks. Therefore, a trusted environment is required for a MANET with cloud-based 5G communications. In this paper, we propose a new framework called trust-aware intrusion detection and prevention system (TA-IDPS) for protecting the network from adversaries. TA-IDPS consists of a MANET, a cloudlet, and a cloud service layer. Initially, we register and authenticate mobile nodes using an ultra-lightweight symmetric cryptographic technique, which is highly suitable for resource-constrained environments. In MANETs, high energy consumption, scalability, and authentication are important issues, which are addressed by the proposed moth flame optimization algorithm. If the cluster head (CH) receives data packets from a source node, they are classified as normal, malicious, and suspicious using a deep belief network. Intra-cluster routing is implemented by an adaptive Bayesian estimator using next-best forwarder selection. In the cloudlet layer, cloudlets are used to aggregate packets from the CH and verify their legitimacy so that they can be forwarded to the cloud service layer. Each cloudlet is provided with a peek monitor for classifying suspicious packets as malicious and normal using Awads information entropy. Experiments are conducted using NS3.26. The performance of the proposed TA-IDPS and previous methods is analyzed using widely used metrics. The evaluation results demonstrated that the proposed TA-IDPS system outperformed the previous methods in terms of all metrics.

10 citations

Journal ArticleDOI
TL;DR: Comparative analysis reveals that the proposed trust evaluation model outperforms the competitive trust evaluation models in terms of various performance metrics such as routing overheads, average end to end latency, packet delivery ratio, and throughput, and the proposed protocol is more secure against various security threats.
Abstract: Recently Mobile adhoc networks (MANETs) have received the great attention of researchers as these models provide a wide range of applications. But MANET nodes are prone to various security threats. To overcome this issue, many trust management frameworks have been implemented in the literature. It has been found that the use of machine learning can predict trust values more efficiently. However, machine learning performance suffers from the hyper-parameters tuning and over-fitting issues. Therefore, in this paper, novel trust management is proposed. initially, the Adaptive neuro-fuzzy inference system (ANFIS) is used to train the trust prediction model. Thereafter, a non-dominated sorting genetic algorithm-III (NSGA-III) is used to tune the hyper-parameters of the ANFIS model. Precision, recall, and root mean squared error metrics are used to design a multi-objective fitness function. Optimized link state routing (OLSR) protocol is used for comparative analyses purpose. Three different attacks are applied on the designed network i.e., link spoofing, jellyfish, and gray hole attacks to obtain the dataset. Comparative analysis reveals that the proposed trust evaluation model outperforms the competitive trust evaluation models in terms of various performance metrics such as routing overheads, average end to end latency, packet delivery ratio, and throughput. Thus, the proposed protocol is more secure against various security threats.

6 citations

Book ChapterDOI
01 Jan 2020
TL;DR: The Improved ITCA is proposed, which introduces a lightweight real-time option for secured ACK-based approach, whereas adaptive application-specific trust calculation parameters make the system more robust or work efficiently even when percentage of malicious node in the network is high.
Abstract: MANET is well known for its inherent feature of on-demand ad hoc establishment of network. This makes MANET a suitable option for many applications like Disaster management, military applications, etc. But the mutual dependency among the nodes make the MANET vulnerable for many attacks. Researchers had proposed many solutions to make the routing in MANET secure, ITCA is one of the proposed examples which tries to identify malicious activity and isolate infected nodes from network through multiple dimensions. The Improved ITCA proposed in this paper tries to make attack detection system real time and trust calculation adaptive to the application-specific parameters. This will reduce the burden over source node, which has been used by most of ACK-based solution for attack identification and isolation, in turn tries to reduce the number of control packet required that optimize the overhead and make the attack detection and isolation process more simple and faster. The Improved ITCA introduces a lightweight real-time option for secured ACK-based approach, whereas adaptive application-specific trust calculation parameters make the system more robust or work efficiently even when percentage of malicious node in the network is high.

3 citations

Journal ArticleDOI
TL;DR: The proposed framework utilize the benefit of Reputation and Trust based evaluation process to secure route discovery by isolating malicious nodes at early stage of route formation by incorporating multi-dimensional multi-attribute system (MDMA).
Abstract: The Dynamic on demand network formation feature of MANET tend to have its biggest the vulnerability that infect the process of route establishment using routing algorithms and exploits many attacks. Identifying the attack and isolating the malicious node to reform the secured routing environment is the major goal of all researchers working for securing the MANET. IDS and trust based collaborative approach (ITCA) is the our first proposed published method which provides the platform for hybrid approach to trap the malicious nodes through combined efforts from multiple dimensions.The proposed framework utilize the benefit of Reputation and Trust based evaluation process to secure route discovery by isolating malicious nodes at early stage of route formation. The more advanced approach, multi-dimensional multi-attribute system (MDMA), incorporates multi-attribute direct, indirect trust mechanism, and use of measured risk by credibility factor, while considering indirect trust. It empowers IDS and make the ITCA more efficient. The attributes considered for calculations of trust are adaptable to change in application environment make MDMA a flexible generalized solution. The MDMA is evaluated by implementing using AODV and compared with our previous proposed method ITCA along with many other solutions. The results are better and more adaptable to the changing environment.

1 citations

References
More filters
01 Jan 2007
TL;DR: In this paper, the authors investigate the state-of-the-art of security issues in MANET and examine routing attacks, such as link spoofing and colluding misrelay attacks, as well as countermeasures against such attacks.
Abstract: Recently, mobile ad hoc networks became a hot research topic among researchers due to their flexibility and independence of network infrastructures, such as base stations. Due to unique characteristics, such as dynamic network topology, limited bandwidth, and limited battery power, routing in a MANET is a particularly challenging task compared to a conventional network. Early work in MANET research has mainly focused on developing an efficient routing mechanism in such a highly dynamic and resource-constrained network. At present, several efficient routing protocols have been proposed for MANET. Most of these protocols assume a trusted and cooperative environment. However, in the presence of malicious nodes, the networks are vulnerable to various kinds of attacks. In MANET, routing attacks are particularly serious. In this article, we investigate the state-of-the-art of security issues in MANET. In particular, we examine routing attacks, such as link spoofing and colluding misrelay attacks, as well as countermeasures against such attacks in existing MANET protocols.

474 citations

Journal ArticleDOI
TL;DR: This article investigates the state-of-the-art of security issues in MANET and examines routing attacks, such as link spoofing and colluding misrelay attacks, as well as countermeasures against such attacks in existing MANET protocols.
Abstract: Recently, mobile ad hoc networks became a hot research topic among researchers due to their flexibility and independence of network infrastructures, such as base stations. Due to unique characteristics, such as dynamic network topology, limited bandwidth, and limited battery power, routing in a MANET is a particularly challenging task compared to a conventional network. Early work in MANET research has mainly focused on developing an efficient routing mechanism in such a highly dynamic and resource-constrained network. At present, several efficient routing protocols have been proposed for MANET. Most of these protocols assume a trusted and cooperative environment. However, in the presence of malicious nodes, the networks are vulnerable to various kinds of attacks. In MANET, routing attacks are particularly serious. In this article, we investigate the state-of-the-art of security issues in MANET. In particular, we examine routing attacks, such as link spoofing and colluding misrelay attacks, as well as countermeasures against such attacks in existing MANET protocols.

447 citations

Journal ArticleDOI
01 Sep 2013
TL;DR: This paper presents a dynamic trust prediction model to evaluate the trustworthiness of nodes, which is based on the nodes’ historical behaviors, as well as the future behaviors via extended fuzzy logic rules prediction, and integrated the proposed trust predication model into the Source Routing Mechanism.
Abstract: Mobile ad hoc networks (MANETs) are spontaneously deployed over a geographically limited area without well-established infrastructure. The networks work well only if the mobile nodes are trusty and behave cooperatively. Due to the openness in network topology and absence of a centralized administration in management, MANETs are very vulnerable to various attacks from malicious nodes. In order to reduce the hazards from such nodes and enhance the security of network, this paper presents a dynamic trust prediction model to evaluate the trustworthiness of nodes, which is based on the nodes’ historical behaviors, as well as the future behaviors via extended fuzzy logic rules prediction. We have also integrated the proposed trust predication model into the Source Routing Mechanism. Our novel on-demand trust-based unicast routing protocol for MANETs, termed as Trust-based Source Routing protocol (TSR), provides a flexible and feasible approach to choose the shortest route that meets the security requirement of data packets transmission. Extensive experiments have been conducted to evaluate the efficiency and effectiveness of the proposed mechanism in malicious node identification and attack resistance. The results show that TSR improves packet delivery ratio and reduces average end-to-end latency.

193 citations

Journal ArticleDOI
TL;DR: This paper proposes a new routing protocol, i.e., authenticated anonymous secure routing (AASR), to satisfy the requirement and defend against the attacks, and demonstrates the effectiveness of the proposed AASR protocol with improved performance as compared with the existing protocols.
Abstract: Anonymous communications are important for many of the applications of mobile ad hoc networks (MANETs) deployed in adversary environments. A major requirement on the network is the ability to provide unidentifiability and unlinkability for mobile nodes and their traffic. Although a number of anonymous secure routing protocols have been proposed, the requirement is not fully satisfied. The existing protocols are vulnerable to the attacks of fake routing packets or denial-of-service broadcasting, even the node identities are protected by pseudonyms. In this paper, we propose a new routing protocol, i.e., authenticated anonymous secure routing (AASR), to satisfy the requirement and defend against the attacks. More specifically, the route request packets are authenticated by a group signature, to defend against potential active attacks without unveiling the node identities. The key-encrypted onion routing with a route secret verification message is designed to prevent intermediate nodes from inferring a real destination. Simulation results have demonstrated the effectiveness of the proposed AASR protocol with improved performance as compared with the existing protocols.

76 citations

Journal ArticleDOI
TL;DR: A novel trusted route that considers communication reliability and path length for a reliable and feasible packet delivery in a MANET, and introduces the concept of attribute similarity in finding potentially friendly nodes among strangers.

66 citations