Mobile Ad Hoc Network Security for Reactive Routing Protocol with Node Reputation Scheme

The mobile node's reputation in a Mobile Ad hoc Network (MANET) identifies its trustworthiness for secured multiple data communication. Because a MANET is self-organized and distributed, the unknown nature of a node's communication status during the initial period has a great impact on effective data transfer. Problem statement: The functional operation of the mobile network relies on trustworthy cooperation between the nodes. The major factor in securing the MANET is the quantification of a node's reputation and trustworthiness. Previous literature provided an uncertainty model to reflect a node's confidence in the sufficiency of its past experience and the effect of collecting trust information from nodes of unknown status. Node mobility reduces this unknown nature and speeds up trust convergence. Approach: Mobility-assisted uncertainty reduction schemes comprise proactive schemes, which achieve trust convergence, and reactive schemes, which provide node authentication and reputation. They provide an acceptable trade-off between delay and uncertainty. The mobility based node reputation scheme presented in this study identifies and monitors the node's trustworthiness in sharing information within the ad hoc network. Mobile nodes' information uncertainty is handled with the mobility characteristics and a node's reputation is evaluated to trust or discard the node's communication. Results: Simulations are carried out to evaluate the performance of the mobility based node reputation scheme by measuring the nodes' consistency behavior, neighboring communication rate and path diversity. Conclusion: The average node's neighboring communication rate is high for the proposed mobility based reputation scheme compared to the reactive routing protocols.


INTRODUCTION
A Mobile Ad-hoc Network (MANET) can be considered as a collection of wireless mobile nodes organized to create a temporary connection between them. Neither pre-defined network infrastructure nor centralized network administration exists to assist communication in MANETs. Nodes communicate with each other through directly shared wireless radio links. Each mobile node has a limited transmission range. Nodes that wish to communicate with other nodes outside their transmission range use a multi-hop strategy. There are two types of MANETs: closed and open (Kamvar et al., 2003). In a closed MANET, all mobile nodes cooperate with each other toward a common goal. In an open MANET, different mobile nodes with different goals share their resources in order to ensure global connectivity.
As a node participates in network functions, some resources are consumed quickly. For instance, battery power is considered the most important resource in a mobile environment. An individual mobile node may attempt to benefit from other nodes but refuse to share its own resources. Such nodes are termed selfish or misbehaving nodes and their behavior is termed selfishness or misbehavior (Buchegger and Boudec, 2002). One of the major sources of energy consumption in the mobile nodes of MANETs is wireless transmission (Josang et al., 2007). In order to conserve its own energy, a selfish node may refuse to forward data packets for other nodes. Our proposed solution finds a secure, trustworthy path from source to destination. Such a path is free from any misbehaving nodes. In searching for a path from source to destination, we take into consideration both the trust value of the nodes in the path and the number of hops involved.
In our work we have used a different approach for RREQ packet broadcasting. In the traditional DSR protocol (Kamvar et al., 2003), when a node receives a RREQ packet, it checks whether it has previously processed it. If it has, it drops the packet. A misbehaving node takes advantage of this and forwards the RREQ quickly so that the RREQs from other nodes are dropped and the path discovered includes itself. Our solution is not vulnerable to this behavior. In our method, each node broadcasts a RREQ packet if it is received from different neighbors. Therefore at the destination we have multiple reputation count values for different nodes, which further leads to the discovery of the most secure path, avoiding misbehaving nodes.

MATERIALS AND METHODS
Much research work has been done to make the route discovered by the Mobility based Node Reputation Scheme (MNRS) secure. Various frameworks (Josang et al., 2007) have been designed to model trust networks and have been used as trust management systems (Zhang et al., 2006). They can be divided into three main categories. In the first category the trust management system has a central authority, which is usually called the Trusted Third Party (TTP). Entities cooperate on the basis of the trust values (e.g., the authorization certificates) assigned by the Trusted Third Party. Introducing a TTP violates the self-organized nature of MANET (Vijayaragavan et al., 2009), which makes these systems inapplicable in MANETs.
In the second category, one global trust value is drawn and published for each node, based on other nodes' opinions toward it. EigenTrust (Kamvar et al., 2003) is one mechanism in this category. The algorithm computes global trust values in a distributed environment. EigenTrust raises the requirement to separate misbehavers from newcomers, but it lacks a method to satisfy this requirement naturally. EigenTrust is representative: most existing trust evaluation systems have the same requirement, but omit uncertainty at the same time.
The third category includes the trust management systems that allow each node to have its own view of other nodes. These systems are more realistic as they are similar to the trust models in social networks. Each node builds its view based on its own observation as well as recommendations from others. Many recent reputation systems, such as CONFIDANT (Buchegger and Boudec, 2002), CORE (Michiardi and Molva, 2002) and OCEAN (Bansal and Baker, 2003), belong to this category. In the improved CONFIDANT, Buchegger and Boudec (2004) provided a modified Bayesian approach for reputation representation, updates and view integration. When updating the reputation according to recommendations, only information that is compatible with the current reputation rating is accepted. This approach is objective and robust. However, it still leaves an opportunity for elaborate attackers to launch false accusation attacks since there is no constraint on update frequency. This approach also lacks the ability to separate newcomers from misbehavers.
A trust based routing scheme is proposed by Pirzada (Buchegger and Boudec, 2004), in which the trust agent derives trust levels from events that are directly experienced by a node (Khatri et al., 2010). The Reputation agent shares trust information about nodes with other nodes in the network. A Combiner computes the final trust in a node based upon the information it receives from the Trust and Reputation agents (Jayakumar and Gopinath, 2007). Trust is computed using direct and indirect information. The trust value is propagated by piggybacking the direct trust value of the nodes along with RREQ packets (Pirzada et al., 2004). Each time a packet is forwarded or sent, the routing table is scanned for all alternate paths leading to the destination. It compares the direct trust value of all next hops in these paths and selects the one with the highest trust value.
A routing algorithm based on trust was also proposed by Wang et al. (2005). The trust values of all the nodes are assumed in advance and are stored at each node. Trust for the route is calculated at the source node based on the weight, and trust values are assigned to the nodes involved in the path at the source node. Weights are assigned in the range 0-1. Unlike the standard DSR protocol, which only uses minimum hop count, the protocol uses as metrics the path with the largest route trust value and the least packet delay from among multiple route options. In (Wu and Dai, 2004), Wu and coauthors raised the question of whether mobility should be treated as a foe (undesirable) or a friend (desirable). In security-related research, this question also attracted a significant amount of research interest (Capkun et al., 2006).
A formal trust structure was proposed by Pirzada et al. (2004). In order to reflect the uncertainty, the trust structure allows for an interval between belief and disbelief. The narrower the interval, the lower the uncertainty. The trust domain so obtained in (Pirzada et al., 2004) was particularly interesting from the findings, as it allows for the expression of complex policies. However, the focus of the trust structure is not the specific definition of uncertainty. The notion of uncertainty can also be integrated into formally defined trust structures and adopted in enriched policies (Zabian and Ibrahim, 2008). Josang et al. (2006) developed an algebra for assessing trust relations and it has been applied to set up certification chains. A triplet designating belief, disbelief and uncertainty is assigned to each trust statement.
Methodology-mobility based node's reputation scheme: The mobility pattern of most nodes in MANETs is determined by their own tasks and considered to be random; the controlled-movement-based schemes in MANETs usually assign the specific task to a selected small portion of nodes to enhance the performance. The unknown status of the mobile node is the main element in trust evaluation. In MANETs, mobility increases the chance that two separated nodes meet and directly contact each other. It also allows each node to have more evidence to verify future recommendations.
The proposed mobility based node's reputation scheme makes the following assumptions: each node has one unique ID and it cannot be spoofed; a node can only monitor the behavior of its 1 hop neighbors; when two nodes directly contact each other in 1 hop, they have a way to decide whether the result is satisfactory; nodes' behaviors are consistent, so a node's general behavior can be deduced from its past actions; and nodes are independent from each other, with no collusion. The proposed reputation system accommodates independent false positives and false negatives. The knowledge of reputation reflects the focus of a trust evaluation system. Reputation is the opinion of one entity toward another based on past experiences. In most of the existing systems, reputation is represented as two variables: belief and disbelief. However, dividing trust into only belief or disbelief is not always appropriate. One reputation value based on 10 contact experiences and another based on 100 contact experiences have totally different meanings. An ordering between no knowledge and total certainty is needed to reflect the degree of confidence in trust information.
In this system, a one-dimensional representation of belief, disbelief and uncertainty is extended from the subjective logic. Each node keeps a belief and disbelief value toward other nodes as a prediction of their future behavior. As these two values are only predictions, uncertainty always exists. The node's opinion is represented as designated as belief, disbelief and uncertainty, respectively. The reputation of a node computed from first-hand information is the reputation based on one's own experience. It is calculated directly from a node's observation. Each node will also propagate this information so that other nodes can use it as second-hand information. Each node estimates its neighbor's reliability based on its accumulated observations using Bayesian inference.
Bayesian inference is a statistical inference in which evidence or observations are used to update or to newly infer the probability that a hypothesis may be true. Beta distributions, Beta are used here in the Bayesian inference, since it only needs two parameters that are continuously updated, as observations are made. To start, each node in the network has the prior Beta for all its neighbors. The prior Beta implies that the distribution of the reliability metric complies with the uniform distribution, which indicates complete uncertainty as there are no observations. When a new observation is made, if it is a successful forwarding, then it is updated. The prior is then updated as Beta when needed. The triplet representing the node's opinion is derived from Beta.
Reputation exclusively based on direct contact increases the detection time when compared to an approach that also uses reports from others. The more information each node considers, the faster the trust evaluation achieves convergence. Second-hand information is the information that a node gets from the first-hand information published by other nodes. It is a kind of trust transitivity. Node A first gathers other nodes' first-hand observations toward node C. Node A converts the information into an opinion and discounts it by node A's opinion toward the node reporting the observation. The recommendation is calculated in this sense. After gathering all the recommendations, node A will synthesize them, integrate the second-hand information with the first-hand observation and make a final anticipation and decision.

In the reactive routing model, dropping of the subsequent RREQ packets may lead to the following problems:
• In the traditional reactive protocol, when a node receives a route request packet, it checks whether it has previously processed it and if so it drops the packet. An adversary node takes advantage of this and forwards the route request quickly so that the route requests from other nodes are dropped and the path discovered includes itself.
• RREQ packets arrive more quickly along other paths than along paths through congested or highly mobile areas of the network. As a result, no path through a congested or highly mobile area is discovered. If a shorter path exists through such an area and the area recovers quickly, that shorter path may not be utilized.
• Another drawback is that all the one hop neighbors of the destination propagate the first RREQ they receive to the destination. This results in the route request packets from most of the neighboring paths being discarded.

To take the above problems into consideration, we propose the following modification to the traditional reactive routing protocol and present an efficient mobility based node reputation scheme.
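The first-hand and second-hand reputation bookkeeping described above (before the list of routing drawbacks), as an added example that is not code from the paper. The Beta(1, 1) prior is the page's; the mapping from observation counts to (belief, disbelief, uncertainty) and the discount and consensus operators are assumed here to be the standard subjective-logic ones, and all observation counts are constructed.

```python
from fractions import Fraction


class BetaReputation:
    """First-hand record one node keeps about a 1-hop neighbour."""

    def __init__(self):
        # Beta(1, 1) is the uniform prior: no observations, complete uncertainty.
        self.alpha = 1
        self.beta = 1

    def observe(self, forwarded):
        """Bayesian update: a successful forwarding raises alpha, a drop raises beta."""
        if forwarded:
            self.alpha += 1
        else:
            self.beta += 1

    def opinion(self):
        """Return (belief, disbelief, uncertainty). ASSUMED mapping:
        b = r/(r+s+2), d = s/(r+s+2), u = 2/(r+s+2) with r, s the observed counts."""
        r, s = self.alpha - 1, self.beta - 1
        total = r + s + 2
        return (Fraction(r, total), Fraction(s, total), Fraction(2, total))


def record(successes, failures):
    """Build a first-hand record from constructed observation counts."""
    rep = BetaReputation()
    for _ in range(successes):
        rep.observe(True)
    for _ in range(failures):
        rep.observe(False)
    return rep


def discount(a_on_b, b_on_c):
    """A weighs B's report about C by A's own opinion of B (ASSUMED operator)."""
    b_ab, d_ab, u_ab = a_on_b
    b_bc, d_bc, u_bc = b_on_c
    return (b_ab * b_bc, b_ab * d_bc, d_ab + u_ab + b_ab * u_bc)


def fuse(first, second):
    """Combine two opinions about the same node (ASSUMED consensus operator)."""
    b1, d1, u1 = first
    b2, d2, u2 = second
    k = u1 + u2 - u1 * u2
    if k == 0:  # both opinions fully certain: fall back to the average
        return ((b1 + b2) / 2, (d1 + d2) / 2, Fraction(0))
    return ((b1 * u2 + b2 * u1) / k, (d1 * u2 + d2 * u1) / k, u1 * u2 / k)


def evaluate_c():
    """Node A's final opinion about node C from first- and second-hand data."""
    a_on_b = record(8, 2).opinion()   # A saw B forward 8 of 10 packets
    a_on_c = record(2, 2).opinion()   # A's own thin evidence about C
    b_on_c = record(1, 9).opinion()   # B reports that C dropped 9 of 10
    return fuse(a_on_c, discount(a_on_b, b_on_c))


if __name__ == "__main__":
    # Same 80% success ratio, very different confidence (10 vs 100 contacts).
    print("10 contacts :", record(8, 2).opinion())
    print("100 contacts:", record(80, 20).opinion())
    print("A about C   :", evaluate_c())
```

The 10-contact and 100-contact records share the same success ratio, but the uncertainty component drops from 1/6 to 1/51, which is the distinction the two-variable belief/disbelief representation cannot express.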
The Mobility based Node Reputation Scheme (MNRS) discovers the reputation of multiple neighbors between two nodes. This is essential for an ad hoc network to be able to tolerate attack-induced path failures and provide robust packet delivery. The node's reputation count status is used depending on the number of nodes in the ad hoc network. If robustness is required, a node can send the same packet through those trusted neighbors with high reputation. Each node creates a Reputation Counter Table as shown in Fig. 1. This table maintains a reputation count value for each of the node's neighbors.
The reputation count value is assigned in the range from 0-1. A well-behaved node is assigned a reputation count value >= 0.5, while a malicious node is assigned a reputation count value < 0.5. We do not consider physical layer and link layer attacks, like jamming attacks, in this study. To decrease the routing overhead and increase the network performance, all the one hop neighbors of the destination unicast the RREQ packet. In a reactive routing protocol there is no procedure to know the one hop neighbors of the destination, as no next hop table is maintained. Therefore, to address this problem, we maintain a neighbor table as shown in Fig. 2 at every node in the MANET. This table is used to maintain all the neighbor hop nodes of the respective destination. It has two fields: the destination node field, which stores the assigned name of the node to which the RREQ packet is addressed, and the neighbor hop nodes field, which stores all the hop neighbor nodes of that destination. This table is created when a new RREQ packet is received at each intermediate node.
Routing node discovery: If a source node wants to transmit a data packet to a destination node and a path is not already known, it first initiates a route discovery process by broadcasting a route request packet. The RREQ packet header is modified by adding a p_truste field, so that it now contains the following   (1)

Where:
IPsource and IPdes = IP addresses of the source and destination nodes
Seq num = The sequence number. It is maintained by the source node for each destination node and increases automatically for each route request
p_truste = Denotes the trust value of the path up to that node and is initialized as 0 at the source node

After broadcasting the RREQ packet, the source node sets a timer whose time period T is equal to the 1-way propagation delay. It is determined by using the formula given below:

$$T = 2 \cdot MAX_{TR} / S_p + n$$

Where:
MAX TR = Maximum transmission range
Sp = Speed of the wireless signal
n = Neighbor node rate threshold constant
TR/2*S = Used in our simulation

The timer value denotes the time needed to receive a RREP packet from one hop neighbors. Based on the arrival time and the length of the path, the acceptance of the RREP is decided. A RREP packet can arrive before or after the timer expires, and accordingly it is either accepted or rejected. If the RREP packet arrives before the timer expires, it is accepted if the path length is equal to 1; otherwise it is rejected, as this RREP packet may be a forged RREP packet from a malicious node. If the RREP packet arrives after the timer expires and the path length is greater than 1, it is accepted, as the RREP packet has now traversed a path containing only legitimate nodes from source to destination. A RREP packet arriving after the timer expires is rejected if the path length is 1, as it is from a malicious node.

Experimentation - Processing of route request at intermediate nodes:
Processing takes place only when the packet is received from a different path. When an intermediate node receives the RREQ packet, it processes the packet and checks that it is not from a one hop neighbor of the destination and does not include a one hop neighbor of the destination. The intermediate node then introduces a propagation delay. The time delay to forward RREQ by is equal to 1-way propagation delay. This is performed only after receiving the RREQ packet. The delay D fac is calculated using formula given below:

Unlike previous approaches, which are based on broadcast and hence ignore the path from a one hop neighbor of the destination, the protocol proposed in this study considers such paths, as it uses unicasting of the route discovery packet from the one hop neighbor of the destination, which leads to detection of the most trustworthy path. The increase in the detection rate of misbehaving nodes lowers the packet drop attack, which indirectly increases the throughput of the network. Each RREQ packet is modified to include the trust value of the node from which the packet is received. So when B broadcasts a RREQ packet and node A receives it, it updates the p_truste field as:

$$\text{p\_truste} = \text{p\_truste} + trust_{AB}$$

where trust AB is the trust value that is assigned by node A to B and signifies how much node A trusts B.
Destination node's route of reply: When a destination node receives a RREQ it immediately sends a RREP. At the destination, p_truste contains information about the trust of all nodes involved in the path.
The RREP packet header is modified such that it contains two fields, p_truste and n_trust, in addition to other fields. The updated RREP PACKET is:

RREP: {IPsource, IPdes, Seq num}||p_truste|| n_trust

Where:
p_truste = Assigned from the RREQ packet received at the destination
n_trust = Initialized to 0. It has the same significance as p_truste in the RREQ packet and denotes the trust value of the path up to that node from the destination

Processing of intermediate nodes at RREP: When an intermediate node receives a RREP PACKET, it checks if it is the intended next recipient. If yes, then it modifies the field n_trust in the same manner as p_truste. Each node updates it by including the trust value of the node from which it received the packet. So when node x receives a RREP PACKET from y, it updates n_trust as:

$$\text{n\_trust} = \text{n\_trust} + T_{xy} \qquad (6)$$

Then the intermediate node forwards the RREP PACKET along the route in the source route of the RREP PACKET. If an intermediate node overhears a RREP PACKET and it is not the intended next recipient, then it adds the first node in the source route of the RREP PACKET to its neighbor table. The first node in the source route is the one hop neighbor of the destination.
Path decision at source node: When the RREP packet reaches the source node, the most secure path is selected by it. It calculates the path trust based on the trust values p_truste and n_trust received in the RREP packet and the number of nodes in the path. The path selected is the one which has the maximum path trust. Trust value of the ith path:

$$\text{path\_truste}_i = \frac{\text{p\_truste} + \text{n\_trust}}{2} \cdot w_i, \qquad w_i = \frac{1/n_i}{\sum_{j=1}^{N} 1/n_j}$$

$$\text{path\_truste}_{source\text{-}des} = \max_i \left( \text{path\_truste}_i \right)$$

Where:
n_i = The number of nodes in the ith path
N = The total number of paths from s to d
w_i = The weight assigned to the ith path
path_truste_i = The trust value of the ith path
path_truste source-des = The trust value of the path selected as the most trustworthy path
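The RREP timer rule and the path decision above, worked end to end as an added example that is not the paper's code. The reputation counts, arrival times and the value of n are constructed; n_i is taken to count every node on the route including source and destination, and nodes are assumed to add their trust increments honestly.

```python
# Constructed reputation counts on the page's 0-1 scale (< 0.5 = misbehaving).
# Simplification: every neighbour holds the same count for a given node.
REPUTATION = {"S": 0.9, "A": 0.9, "B": 0.9, "C": 0.6, "M": 0.2, "D": 0.9}

# Constructed RREPs seen by source S: (route, arrival time in seconds).
RREPS = [
    (["S", "M", "D"], 0.004),            # shortest route, through misbehaving M
    (["S", "A", "B", "D"], 0.006),
    (["S", "A", "C", "B", "D"], 0.008),
    (["S", "M", "B", "D"], 0.0005),      # multi-hop reply that beats the timer
]


def rrep_timer(max_tr_m, signal_speed_mps, n):
    """Timer period from the page: T = 2 * MAX_TR / Sp + n."""
    return 2 * max_tr_m / signal_speed_mps + n


def accept_rrep(arrival_s, timer_s, hop_count):
    """Before expiry only a 1-hop reply is accepted; after it, only multi-hop."""
    if arrival_s <= timer_s:
        return hop_count == 1
    return hop_count > 1


def accumulate(route, reputation):
    """Add the trust each receiver holds for the node it got the packet from.

    The forward route gives p_truste (RREQ); the reversed route gives n_trust
    (RREP). Both fields start at 0.
    """
    return sum(reputation[sender] for sender in route[:-1])


def path_trust(routes, reputation):
    """path_truste_i = ((p_truste + n_trust) / 2) * w_i for every route,
    with w_i = (1/n_i) / sum_j(1/n_j)."""
    inverse = [1 / len(route) for route in routes]
    total = sum(inverse)
    scores = {}
    for route, inv in zip(routes, inverse):
        p_truste = accumulate(route, reputation)
        n_trust = accumulate(route[::-1], reputation)
        scores[tuple(route)] = (p_truste + n_trust) / 2 * (inv / total)
    return scores


def select_route(rreps, reputation, timer_s):
    """Filter RREPs with the timer rule, then pick the maximum path trust."""
    accepted = [r for r, t in rreps if accept_rrep(t, timer_s, len(r) - 1)]
    scores = path_trust(accepted, reputation)
    best = max(scores, key=scores.get)
    return list(best), scores


if __name__ == "__main__":
    # The 150 m range is from the page; n = 1 ms is a constructed value.
    timer = rrep_timer(150, 3e8, 0.001)
    best, scores = select_route(RREPS, REPUTATION, timer)
    for route, score in scores.items():
        print("-".join(route), round(score, 4))
    print("selected:", "-".join(best))
```

The two-hop route through M has the largest weight but the lowest path trust, so the source selects S-A-B-D, while the five-node route loses to it because of the hop weighting.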

RESULTS AND DISCUSSION
Performance of Mobility assisted node reputation scheme for MANET Security: Simulation environment: Network simulator NS-2 (2.3.2 version) is used to evaluate the effectiveness of the proposed method. Different scenarios are defined in a 600×600 sq. m area with 40 mobile nodes. The source and destination nodes are randomly selected. In each scenario, each node moves in a random direction using the random waypoint model with a speed randomly chosen within the range of 0-25 m sec⁻¹. The transmission range of each node is 150 m. It is assumed that nearly 25% of the nodes in the ad hoc network are malicious.

Parameters for evaluation:
To evaluate the performance of the proposed scheme, we use the following metrics:
Percentage of detection: It is defined as the ratio of the number of nodes detected as adversary and the actual number of such nodes present in the network.
Neighbor node communication rate: It is defined as the time number of RREQ packets transferred taken to find a secure path from source to destination, in the presence of adversary nodes.
Throughput: It is the ratio of the number of data packets received by the destination node to the number of packets sent by the source node.
The results for the proposed scheme (MNRS) are compared with those obtained from the reactive routing protocol (DOA) by varying the number of adversary nodes in the network. DOA is the integration of the DSR and AODV reactive routing protocols. Fig. 3 shows the number of adversary nodes vs. the node reputation consistency rate. As the number of adversary nodes increases, the node reputation consistency rate also increases, so a larger number of nodes means a steep rise in the consistency rate. Figure 3 shows that MNRS is able to detect more adversary nodes compared to trust based multi path reactive routing. MNRS is able to explore more routes to the destination as the request packet is unicast. Therefore more paths are available at the source and a trustworthy path is selected based on the path trust. The percentage of detection is less than 100 due to node mobility, which results in link breakage. When there is a link breakage the next trustworthy path is selected. But the behavior of some node may change during this time and it may start misbehaving. This information is available only with the intermediate nodes, which are unable to make any routing decisions. Thus the path selected may include such nodes, which remain undetected. show that the adversary nodes of MNRS are more than DOA when there are no adversary nodes in the network. In MNRS a request packet is processed if the packet is received from different paths, whereas in DOA a node drops the packet if it has seen it previously, regardless of the path. But as the number of nodes increases in the packet the packets dropped which induces new route.
In MNRS adversary nodes are detected and excluded from the path. The route discovery is delayed, which indirectly decreases the routing overhead. Unlike DOA approaches, which are based on broadcast of the request, our scheme uses unicasting of the route discovery packet from the one hop neighbor of the destination. This unicasting of the route request introduces very little additional routing overhead on standard DOA in the network. The throughput of MNRS is higher compared to DOA and reputation count. Throughput for all the methods degrades with the increase in the number of adversary nodes in the network as shown in Fig. 5. Figure 5 shows the number of adversary nodes vs. the number of diverted paths. However, the decrease is steeper in reactive routing as it discovers the shortest path without detecting any adversary nodes, which induces packet drop. Excluding adversary nodes, it is clear from the graph that as the number of adversary nodes increases the number of diverted paths also decreases.

Table 1 shows that the DOA scheme is compared with the MNRS scheme. As the number of adversary nodes increases, the node reputation consistency rate for MNRS is higher when compared to the DOA. Table 2 shows the neighbor node communication rate for DOA and MNRS. As the number of adversary nodes reaches a higher value, the neighbor node communication rate for MNRS is higher when compared with the communication rate for DOA. Table 3 shows the diverted paths for DOA vs. the diverted paths for MNRS. The increase in the adversary nodes shows the increase in the diverted paths for MNRS when compared to that for the DOA.

CONCLUSION
The mobility based node reputation scheme for secured MANET presented in this study maintains consistent knowledge about the node's communication spree, whether trusted or untrusted. The proposed reputation scheme is used in improving the efficiency of overall network data transfer between different nodes. The neighbor node utilization rate is used to evaluate the consistent nature of the nodes' reputation behavior and minimize the route discovery delay threshold. The path diversity metric used in the simulation experiments for analyzing the mobility based node reputation scheme shows the nature of the data transfer route in the MANET reactive routing protocol.
The node's trustworthiness is very much used in sharing the information within the ad hoc network for secured data transfer in adverse conditions. Mobile nodes information uncertainty is handled with the mobility characteristics and its reputation is evaluated to trust or discard the node's communication.
Simulation results show that the performance of the mobility based node reputation scheme in terms of node consistency behavior, neighboring communication rate and path diversity is improved compared to the reactive routing protocols. The performance of the certainty reputation system improves and the average uncertainty increases even as the percentage of misbehaving nodes increases.