DEDICATED TRUSTEE DETECTOR OF BLACK HOLES IN MANETS

MANET is developing the next generation wireless universe. However MANETS prove their performance only when routing is efficient. In this paper we propose a model of Dedicated Trust System (DTS) which aims in detecting the misbehaving nodes. We implement our DTD using zone routing protocol with trusted systems. We finally develop a reputation model with two new parameters trustee and bucy trustee, which aims in identifying the black holes and isolating them and show significant upgradation in the overall protocol performance. We make a comparative study of our defensive network with the zone routing protocol defenseless network. All simulations have been implemented using NS2 simulator.


INTRODUCTION
An adhoc network in general is a self-configuring infrastructure less network of mobile devices connected by wireless. In mobile adhoc network, nodes coordinating among themselves to determine channel access. In this study we concentrate on clustered topologies where local cluster head elected and used for network control. In a dynamic environment the cluster head election process has to be re-invoked according to a suitable update policy. If the nodes coordinate well then forwarding is done to destination. But in many cases these nodes act as malicious or faulty nodes which misroute data packets and not allowing them to reach destination.
This study deals with one of the security problems in ad hoc networks called black hole problem (Jaisankar et al., 2010). The black hole generally exhibits itself as the node which has the shortest path to the destination node and sends its reply as early as possible than all other original nodes thereby the source node assumes this fake node as the path to destination and sends all its packets which are all drained into the fake node making an empty hollow. The network performance is greatly affected by black hole problem.
In this study we propose an trustee bucy mechanism which integrates techniques from trust management system systems and kalman Bucy filter, which to some extent help to filter out the malicious nodes (Natsheh and Buragga, 2010). This study is organized as follows. Section 2 discusses some related work. In section 3, we describe proposed approach to detect the black holes in MANET. Performance evaluation of our protocols is presented in section 4 and finally, section 5 presents conclusions. Dokurer et al. (2007) investigated the effects of black hole attacks on the network performance. They simulated black hole attacks in network simulator 2 (ns-2) and measured the packet loss in the network with and without a black hole. They gave a solution which improved the network performance in the presence of a black hole by about 19%. Mishra et al. (2009) proposed a method to enhance the security of the AODV protocol and DSR protocol in the presence of Black holes with minimal additional delay and Overhead and gave an analyzes of which routing method is best for different malicious behaviors.

TRUSTEE BUCY MODEL
In this study we would like to consider the zone based protocol ZRP (Lee et al., 2011) for detection of black holes. Generally in zone topology every node is organized into several zones. For every zone a leader is elected, this leader acts as the representative for his group. In Fig. 1, the zone head and its group members are depicted. When a new node wants to join the group it contacts the zone leader and joins the group by updating its routing table.
When the leader leaves a group, another member is elected as a leader and announces its leadership to all other members and other group leaders and hence reconfiguration is efficiently managed in zone routing protocol. Along with the zone head routing table we are including two new parameters trustee and bucy trustee. This trustee is a value which will be calculated for every leader in the zone group. This trustee is calculated based on trust management models. Trustee has all the information about the head that includes the past and present status of the zone head and bucy trustee has all the information about the members. Our proposed trustee model uses the zone topology where each node that is present in the network should be in one of the three states: 0-node is functioning properly; 1-node is in detection-location phase, 2-node in final phase of route discovery. Identification of the black holes perfectly or accurately is the key issue to consider while detecting black holes. In the Fig. 2, we have depicted our new trustee model which has a monitor which gathers all the member and leader values and sends to the detector which manipulates ensures the reliability of routing in the specified and destined route detected by our detector.

Analytical Model
To apply the Kalman Bucy filter for estimation of state vector the observations are linearized as follows Equation 1: where, * n t is the nominal or reference vector and * n n n t t t ∆ = − is the difference between the true and nominal state vectors. In the Kalman Bucy filter the nominal vector is obtained from the estimated state trajectory * n n nt ,i.e, t t = . The matrix n H is given by The discrete command process cannot be estimated in the current framework of adhoc networks using HSMM or Bayesian based estimators due to lack of suitable observations required for these estimation processes. We use an alternate idea of dealing the discrete command as an additional noise process and using kalman filter to estimate the mobility state vector. Noise P is Equation 3: where, the matrix Q and covariance matrix of ω n is given. The discrete command process u n consists of two zero mean independent semi-Markov processes, so the covariance matrix of u n is Equation 4: where, 2 u σ is the variance of u x or u y .

System Normal Functioning Phase
Let us consider a reliability R of a 40-node system. The system is said to be functioning properly only if all the components or at least one route from node X to node Y are functioning properly.

JCS
We have Equation 11: Thus the steady state availability A is given by Equation12: Reliability and availability ensures that node is consistent in its performance or not.

Preventive Maintenance System
In Fig. 2 the preventive maintenance system in every node running as zone leader node collects the trustee and bucy trustee values for every neighbour zone head and respective members. Zone head trustee is calculated by multiplying value with the estimated maximized threshold trust value and then the average of the entire trustee values are consolidated and final value is determined Equation 13: where, ω is trustee value and v i is bucy trustee value. These values could be moderated by Equation 14 and 15: Summarizing these two equations we can derive: This value is distributed to all the neighbour cluster head nodes. Based on successful data delivery rate and successful experience rate, the initial trust value obtained from zone head on node detect K i as trustee factor (K i = 0 denotes malicious and K i = 1 denotes non-malicious).

Algorithm for Detector Module
The Detector module is the heart of the system. This module inherits the functions where the node checks whether the node is malicious or not. The module computes the reliability and availability of the system. If the value exceeds the threshold value then the system is checked for its incompatibility. The algorithm for detector module as follows:

PERFORMANCE EVALUATION
We have implemented our automatic detector as a network simulator 2 (ns-2) to the ZRP protocol to get the result for our analysis. In our case we have selected our campus as our network scale. Table 1 employs the simulation setup comprising of 50 mobile nodes moving at a variable speed. Simulation area taken is 1200×1200 m. Packet inter-arrival time (sec) is taken exponential (1) and packet size (bits) is exponential (1024). The data rates of mobile nodes are 10 Mbps with the default transmitting power of 0.010 watts. Random waypoint mobility model is selected with constant speed of 10 m/sec and with pause time of contact 5 to 10 sec. The number of multicast group is 1. The period of sending RREQ packet is 2 s. The ratio of nodes to be included into a zone is 0.8 which means at least 80% of the nearest nodes are included in the zone.
Maintaining the detector to behave consistently is a key issue when detecting black holes, the DTD works well as far as the node speed was concerned.

Simulation Results
In our simulation let us first examine our node's trust table given in Table 2 where we have mentioned a sample of two nodes where ω i and v i are the two new trust parameters we have introduced in our ZRP and the detected list is maintained by ϖ our detected list. Based on our trustee values which fall between 0 and 1 our detected list is maintained.   Futhermore we also set our basic parameters which is given in the following Table 3 where N is the no. of nodes we have taken, T is the time interval and ∆ t is the timestamp, ω i and vi are our new trustee parameters with which we calculate the threshold value K i finally the detected list of nodes are indicated by the ϖ value. Based on these values we have obtained the following Fig. 6 which gives the performance between the standard ZRP and our DTD ZRP. We have drawn our results based on three important performance parameters the packet delivery ratio, packet loss ratio and the total packets transmitted. Figure 3 shows the packet delivery ratio of the standard ZRP and DTD ZRP as a function of node speed and Table 4 illustrates the values obtained. Packet Delivery Ratio is the number of data packets delivered to multicast receivers over the number of data packets supposed to be delivered to multicast receivers. We assumed 20 multicast receivers exist among the 50 network nodes. As confirmed by Fig. 3, packet delivery ratio decreases as nodal speed increases. This is due to the higher probability of link breakage and topology change, which cause more multicast control packets to be transmitted, lowering the overall data delivery ratio. As the nodal density doubles, the packet delivery ratio only lowers slightly, indicating the good scalability of the DTD ZRP scheme. Overall, a relatively high packet delivery ratio can be obtained. Figure 4 shows the average number of total packets transmitted per data packet delivered. Total packets include data and control packets. Since most Medium Access Control (MAC) schemes used in MANETS are contention-based, it is crucial to be able to send one data packet with as less control packets as possible.

Packet Delivery Ratio for Varying Node Speed
When nodes contend less for the channel access, the probability of successful delivery of packets in a short time becomes higher. As suggested by Fig. 4, the average number of packet transmitted per data packet delivered maintain relatively in the range of 1.2-1.5, although it climbs up as the node mobility increases. Total packets sent in the network with DTD ZRP scheme are a little more than in the network of Standard ZRP nodes. Therefore, the control packet overhead introduced by the standard ZRP is overcome by DTD ZRP scheme showing good scalability ( Table 5).

. Number Black Holes Detected
The average number of control bytes transmitted per data byte delivered is shown in Fig. 5 and the values are given in Table 6. Here, we choose to use a ratio of control bytes transmitted to data byte delivered to investigate how efficiently control packets are utilized in delivering data. To deliver packets reliably to the destination, some control packets have to be sent. Protocol design has to make some compromise between efficiency and reliability. Fig. 5 shows that DTD ZRP gets high reliability with relative low control overhead.

JCS
The final indication of the performance of a DTD ZRP scheme is its detection of black holes at a consistent level a good multicast scheme should scale well even if a wide range of number of receivers "tap" to the multicast group. We present our simulation results of the DTD ZRP scheme in this respect in Fig. 6 and the values in Table 7.When the receiver number equals to 1, it ensure trusted path and high packet delivery ratio is assured. In standard ZRP the results are shown where the detections are not given so the packet loss occurs frequently.

CONCLUSION
This study is an improvisation of my previous work on Black Hole attack with cluster topology, where different scenarios with respect to zones where analyzed. Based on the introduction of the new trustee parameters we have drawn a conclusion that new approach identifies the black holes and maintains the consistency in routing. More study is suggested to implement this mechanism to scale for a larger group of networks.