RETRACTED ARTICLE: Enhanced trust based encroachment discovery system for Mobile Ad-hoc networks

Abstract

The ultimate goal of this paper is to avoid inclusion of intruder node in the route and to ensure reliability. The trust metrics are used to provide the secure communication. Opportunistic routing scheme is used to ensure reliability or data consistency in the MANET. In the opportunistic routing, each and every node has the chance to select the next intermediate node. The best intermediate node is selected based on the trust value of a node. Each and every mobile node maintains the trust value for its neighbors. The trust value is calculated based on the node’s Quality of Service parameters. In the opportunistic routing, each and every node maintains the trust value for its neighbor nodes. The next forwarder node is selected from the neighbor list. The node with highest trust value is selected as next forwarder node. In the proposed method a node does not maintain the static route to reach the destination. Instead of that the node selects the next forwarder node during runtime. We present a Enhanced Light-weight Trust-based Routing protocol (ELTB). It is light-weight in the sense that the intrusion detection system (IDS) used for estimating the trust that one node has for another, consumes limited computational resource and finding the best optimal path for packet transmission. Moreover, it uses only local information thereby ensuring scalability. Our Enhanced Light-weight IDS takes care of two kinds of attacks, namely, the blackhole attack and the grey hole attack. It is beast suite for highly dynamic environment to handle the frequent link failure. So, the source node transmits the data to the destination node only via trusted node to ensure secure routing in the MANET. The authors have used AODV as the base routing protocol to evaluate our proposed approach and give a performance analysis.

1 Introduction

The vast majority of the Mobile Ad hoc networks (MANETs) secure directing conventions in the writing use cryptographic methods to secure the steering convention. Be that as it may, the drawback of utilizing cryptographic approaches is that they are known to be computationally extremely costly, which does not offer well to consolidating them in Mobile networks. Consequently, in the endeavor to keep a few attacks, these conventions make new roads for denial of service (DoS) [1] attacks. In addition, a few such secure directing conventions assume the presence of a unified or dispersed confided in outsider in the system. In this way, it is turning out to be more satisfactory to consider trust based directing as a practical security arrangement, in which a trust based plan is utilized to ensure the secure routing convention. Each node in the network autonomously executes a trust model to evaluate the trust it has on different nodes in network. This assessed trust esteem is utilized amid directing choices for path discovery.

Trust-based directing conventions [2] endeavor to build up most trusted path as opposed to briefest path as is done in customary routing conventions. The accompanying are a few plans utilized for assessing trust in MANETs found in the writing. A few trust estimation plans, for example, utilize an intrusion detection system (IDS) that screens neighborhood activity to gauge trust. In any case, they require buffering of packets and identification of packets for transmission, which expends impressive computational assets. Our approach likewise screens the area activity yet without expecting to cradle packets or scan for them, therefore decreasing this overhead significantly. Despite the fact that these plans address a few different issues (attacks), which our proposed approach does not, we can at present contrast our work and them as we discover them comparative in some ways.

Our approach addresses just packet dropping attacks for example, black hole attack. While the up to said plans might be gone for taking care of various issues, for instance, guaranteeing tried and true steering or upholding participation of nodes, neighborhood look for dropping of packets is a typical system utilized as a part of every one of these strategies [3]. Consequently, our strategy can be joined with some other procedure that utilizations neighborhood look for dropping of packets for a more proficient arrangement. In addition, it can be utilized to execute a proficient instrument for accomplishing participation among nodes. In the greater part of them, bad conduct of a node affirmed on coming to of a limit, which requires wise setting. Our approach does not utilize threshold detection. All the more essentially, they require the buffering of packets (or mark of packets) and consequent hunting of the support down a match, which is a more overhead. This overhead is kept away from in our work.

Our approach can likewise be utilized autonomously to set up dependable routes within the sight of black hole and grey hole attacks or to supplement crypto-based secure directing conventions. These attacks are noteworthy since they are viewed as deadly regarding hampering accessibility of system administration and they affect on the system availability much severer than different attacks.

In addition, arrangements in light of cryptography [4] are inadequate against insider attacks, for example, black hole or greyhole. Thus, a few analysts have dealt with concentrate the impact of these attacks and moderating them. Our work utilizes confide in measurements to maintain a strategic distance from the consideration of acting malicious nodes while establishing routes. While these consider diverse factors such as software configuration, hardware setup, battery control, connect quality, quality-of-service parameters and behavior of neighbors, our work considers just the bundle sending conduct of a neighbor in assessing its trust level. Be that as it may, the strategies for assessing the segments of the trust model are distinctive.

Mobile Ad hoc networks (MANETs) were initially intended for a helpful situation. To utilize them in hostile situations, trust-based directing can be utilized, where as opposed to setting up the shortest routes as done in conventional routing protocols, most trusted routes are built up. Already, the writers show a light-weight trust-based routing protocol. It is light-weight as in the intrusion detection system (IDS) utilized for assessing the trust that one node has for another, devours restricted computational resource. Besides, it utilizes just neighborhood data accordingly guaranteeing versatility. This light-weight IDS deals with two sorts of assaults, to be specific, the black hole attack and the greyhole assault.

1.1 Disadvantages

1. 1.

   More delay happens due to link failure in MANETs.

2. 2.

   Behavior of the neighbor node, i.e., pack forwarding is used to find the trust value.

3. 3.

   Low system throughput.

The proposed method diminishes transmission delay by utilizing opportunistic routing furthermore the trust esteem is figured by utilizing the extra parameter link quality. It guarantees dependability and give high framework throughput.

2 Related works

This section exhibits the current Secure Routing Protocols (SRPs) for MANET with their confinements.

2.1 Secure Routing Protocol (SRP)

Secure Routing Protocol (SRP) as an answer for securing MANET [5, 6,7,8]. SRP requires a security relationship between the source and goal nodess and the creators affirm that SRP ensures the node starting a route discovery will have the capacity to distinguish and dispose of answers giving false topological data, or, abstain from accepting them. SRP is executed as an augmentation to a base reactive protocol, for example, AODV. The authors display various attack situations, and portray how their convention upsets those assaults.

As appeared in Fig. 1, SRP utilizes a route field in RREQ and RREP packets. Every intermediate node annexes its identifier to the course field as a directing packet spreads from the source to the destination.

Fig. 1

Secure Routing Protocol

The attack is proficient by the malicious node just going about as a hand-off for both the route request of forward path and the reply of reverse path. This outcomes in agreement by the source and goal on a route that is subject to the malicious node, yet does not reflect that reliance.

2.2 Authenticated Routing for Ad hoc Networks (ARAN)

ARAN utilizes declarations for confirmation and non-denial [9, 10], however does not ensure security for its protocol messages. In spite of the fact that ARAN does not take after a DSR-type route discovery and output, the key point is that every node on the way from the source to the goal is required to take off the past bounce’s mark and endorsement and add its mark and testament before communicating the packet.

The attack on ARAN can undoubtedly be demonstrated conceivable among path discovery and setup by any moderate node. In the above illustration, if node C rebroadcasts node B’s packet amid path discovery and again transfers node D’s packet amid path setup, node’s B and D are uninformed of C’s nearness. At the point when C node does not forward information parcels sent along this route, link breaks that are identified don’t distinguish the nodes effectively, i.e. C is never in the snap from node B and node D’s perspective. This straightforward transfer attack in this manner shows a noteworthy security deficiency in ARAN [11,12,13].

2.3 Security-Aware Ad hoc Routing protocol (SAR)

SAR [14] is a steering method that inserts security measurements into the on-request route revelation of any base convention like AODV or DSR. The sending systems are changed as for the Route Requests (RREQ). The source node sets the (unchanging) RQ_SEC_REQUIREMENT field in the RREQ and communicates the RREQ. On receipt of the RREQ packet, a transitional node checks in the event that it fulfills the security prerequisite showed in the parcel. On the off chance that it does, it redesigns the RQ_SEC_GUARANTEE field before sending the parcel. Else, it drops the parcel. Spread of RREPs is like that of the base convention. Encoding or carefully marking the RREQ headers will forestall alter and fabrication of messages by a vindictive node.

On the off chance that a malicious node M that does not fulfill the security necessity demonstrated in the RREQ rebroadcasts the approaching RREQ packet as opposed to dropping it as required by the protocol, two nodes A and B dependant on M to speak with each other will now be tricked into trusting that they are next-hop neighbors of each other. The entry of the RREQ at the destination along these lines does not ensure the nearness of a way fulfilling the security prerequisite indicated by the sender. It is not clear from their work with respect to how such noxious behavior can be defeated.

2.4 Secure Position Aided Ad hoc Routing (SPAAR)

Position based routing protocols [15, 16] can offer a huge execution increment over Ad hoc routing protocols. These routing protocols utilize land data to settle on sending choices, bringing about a critical diminishment in the quantity of direction-finding messages. Be that as it may, current position helped routing protocols were not intended for use in high-hazard situations, as position data is communicated free permitting anybody inside range, including the adversary, to get. Secure Position Aided Ad hoc Routing (SPAAR), a steering convention intended to utilize ensured position data to enhance security, effectiveness, and execution in MANET directing.

To enhance the productivity of MANET routing position based protocols have been implemented. Carter et al., influence the positive properties of position-based routing protocols to release the undetectable node attack and give a routing protocol that is secure even in an hostile situation. Shockingly, SPAAR neither cases nor deeds to avoid attacks by traded off or trickster nodes. The protocol particularly requires that every single trusted node act as per the protocol rules. Absolutely, this is sensible and usable in numerous situations. Nonetheless, it additionally can’t be viewed as a far success arrangement.

3 Proposed method

3.1 Trust model

In our trust model, every node maintains a value (which we call trust value) for each of its neighbours (nodes that are within its radio range). This value is a degree of the level of trust it has on its neighbour. For scalability, we have designed our trust model such that the trust value is calculated using only local information. Let T_A(B) denote the level of trust of node A on neighbour B. 0 ≤ T_A(B) ≤ 1. We have taken T_A(B) to be the weighted average of two components (Fig. 2)

Fig. 2

Direct Trust and Indirect Trust: 1. Source node A calculates Direct trust on node B based on its own observation.2.Source node A calculates indirect trust on node B based on C’S recommendation

$${\text{T}}_{\text{A}} \left( {\text{B}} \right) = \alpha {\text{T}}_{{{\text{A}}({\text{self}})}} \left( {\text{B}} \right) + \beta {\text{T}}_{{{\text{A}}({\text{neighbour}})}} \left( {\text{B}} \right)$$

(1)

T_A(self)(B) represents the trust of node A on node B, based on node A’s observation of node B’s behaviour (e.g. by monitoring traffic of node B). T_A(neighbour)(B) represents the trust that neighbours of node A has on node B. These neighbours of node A are also neighbours of node B.

By varying the values of α and β, we can vary the weight of self-trust as compared to neighbours’ trust in evaluating the overall trust. It is clear that T_A(neighbour)(B) is the average of the existing trusts of the neighbours. Thus, in our node trust model, the past history is also taken into account. This is important when we want to evaluate trust based not only on present observations but also on past behaviour.

In our trust model, apart from the nodes maintaining trust values for their neighbours, the routes that are established also have trust values associated with them. This is needed so as to facilitate a node while establishing routes. It enables a node to decide whether a new route to a destination node that is showing up at the moment is better (has more trust value) than the existing one. The trust value of a node can be considered as a degree of the reliability of that node. The route is nothing but a sequence of nodes.

Consequently, the reliability (trustworthiness) of a route depends on the reliability of all the nodes in the route. Let a route r consisting of l nodes be represented by a sequence a₁, a₂,…, a_l where a_i is the ith node in the sequence.

3.2 Trust estimation

In the proposed strategy, each node keeps up a trust value for each of its neighbors (nodes that are inside its radio range). This value is a measure of the level of trust it has on its neighbor.To calculate trust we adopt the framework of Colloborative Trust based Secure Routing protocol (CTSR) [17] and for adaptability, we have outlined our trust model with the end objective that the trust approval is assumed using nearby data.

Let T_A(B) mean the level of trust of node A on neighbor B. The estimations of T_A(B) run from 0 (signifying positively no trust) to 1 (indicating full trust) 0 ≤ T_A(B) ≤ 1. We have taken T_A(B) to be the weighted normal of two parts.

$${\text{T}}_{\text{A}} \left( {\text{B}} \right) = \alpha {\text{T}}_{{{\text{A}}({\text{self}})}} + {\upbeta}{\text{T}}_{{{\text{A}}({\text{neighbor}})}} \left( {\text{B}} \right)$$

(2)

T_A(self)(B) speaks to the trust of node A, in view of node A’s perception of node B’s conduct (e.g. by observing movement of node B). T_{A (neighbor)}(B) speaks to the trust that neighbors of node A have on node B. These neighbors of node A are additionally neighbors of node B. α +β = 1 and 0 ≤ α, β ≤ 1. Let a₁, a₂, a₃… a_n be the neighbors of node A (where n is the quantity of neighbors) with the end goal that they are additionally neighbors of node B.

By differing the estimations of α and β, we can in this way shift the heaviness of self-trust when contrasted with neighbor’s trust in assessing the general trust. Obviously,

T_A(neighbor)(B) is the normal of the current trusts of the neighbors. In this manner, in our node put stock in model, the previous history is additionally considered. This is imperative when we need to assess trust construct in light of present perceptions as well as on past behavior.

Accordingly, T_A(self)(B) is the proportion of the quantity of packets sent to the quantity of packets to be sent. Every node utilizes the above recipe occasionally (after each “NodeTrustUpdate” interval) to overhaul the node trust of its neighbors.

3.2.1 Trust based routing scheme

While our proposed strategy can be joined in any directing protocol, we have picked on-demand distance vector routing (AODV). In AODV, the most brief route is built up among path foundation. We make changes in AODV so that the most trusted course is picked rather than the shortest route. At the point when there is a tie, that is when at least two paths have a similar trust value, the path with shortest route nodes is picked.

As appeared in Fig. 3 the source node ascertain path in esteem in the accompanying way. Let a path “r” comprising of “l” nodes be spoken to by a grouping a₁, a₂… a_i. where a_i is the ith node in the arrangement.

Fig. 3

Flow diagram of Enhanced Trust based routing scheme

Then, the trust value of route r, denoted by R_r is given as

$$R_{r} = T_{a1} \left( {a2} \right)T_{a2} \left( {a3} \right) \ldots T_{ai - 2} \left( {a_{l - 1} } \right) = \, \mathop \varPi \limits_{i = 1}^{l - 2} \, T_{ai} \left( {ai + 1} \right)$$

(3)

The source node selects the route with highest trust value. Highly trusted route Enables reliable communication and provides security against black hole attack and grey hole attack.

Implementation of the trust estimation scheme requires the following changes on the data structures of AODV. To the existing fields in the original AODV neighbour table entry, the following fields are added: (i) To Forward, (ii) Forwarded, (iii) current window (C_Window), (iv) source list (Sc_List) and (v) neighbour trust (Nb_Trust). All the names of the fields are self-explanatory. The field neighbour trust denotes the trust on the neighbour. For the route table entry, only one field route trust (Rt_Trust) is added to the existing fields. The field route trust denotes the trust value of the route. Similarly, for the route request (RREQ) and the route reply (RREP) packets also, a field each denoting the trust value of the route represented by these control packets is added.

One way of getting the trust values maintained by the neighbours is for every node to periodically broadcast to its one-hop neighbours a packet containing the trust values that it has for its neighbours. Thus, a new control packet is required, which we call TRUST packet. The first and second fields of the TRUST packet are used to send the type of the packet and the number of neighbours for which the sender node is sending the trust values, respectively. Periodically, a node not only broadcasts a TRUST packet to its one-hop neighbours but also calculates the average trust contributed by its neighbours.

4 Simulation results

We simulated both the LTB-AODV or ELTB or ELTB-Trust and the AODV protocols in the situation when some nodes are made to exhibit malicious behaviour by dropping all data packets(that they are supposed to forward) that come their way. We considered three cases when 3 (20%) nodes, 5 (33%) nodes are malicious. In LTB-AODV, node trust values are updated after every ‘NodeTrustUpdate’ interval. Thus, after a period of time, the malicious nodes would have exhibited their malicious behaviour and their neighbours would have noted it and consequently updated their node trust values.

The NS2 Simulator is primarily utilized as a part of the examination field of systems and correspondence. The NS2 is a discrete occasion time driven test system which is utilized to assess the execution of the system. Two dialects, for example, C++, OTCL (Object Oriented Tool Command Language) is utilized as a part of NS2. The C++ is go about as back end and OTCL is utilized as front end. The X-graph is utilized to plot the chart in the graph blue coloured label indicates our proposed scheme which was implemented with modifications of AODV known as AODV Trust (Table 1).

Table 1 Simulation parameters

The Packet Loss Ratio, Packet Delivery Ratio, End to End delay and Throughput are the parameters used in the simulation to evaluate the proposed method.

4.1 Packet delivery ratio

This is the proportion of the information packets conveyed to the Destination effectively.

The Packet delivery ratio is one of the imperative parameter to assess the quality of the system. Figure 4 demonstrates the diagram for analysis of packet delivery ratio.

Fig. 4

Packet delivery ratio

4.2 Packet loss ratio

Packet loss ratio is specifically inverse to the packet received rate. The proportion of number of packets dropped per unit time is called as packet loss ratio. The packet loss ratio is defined below and shown in Fig. 5

$${\text{Packet loss ratio }} = \, \frac{\text{Number of packets dropped}}{\text{Time}}$$

Fig. 5

Packet loss ratio

4.3 End to end delay

The time taken by the source node to convey the information effectively to the destination is called as end to end delay (Fig. 6).

Fig. 6

End to end delay

4.4 Throughput

The amount of packets delivered to the destination per unit of time is known as the throughput.

Throughput is calculated by using this formula

$${\text{Throughput}} = {\text{Number of packets delivered}}/{\text{Timeperiod}}$$

Figure 7 presents the throughput analysis of the proposed scheme. From the simulation results presented above, the proposed scheme provides higher performance than the traditional routing protocol AODV alone in the presence of malicious nodes. As the number of malicious nodes increases, the system throughput decreases.

Fig. 7

Throughput

5 Conclusion

We have exhibited a trust metrics based scheme of routing to stay away from consideration of getting out of hand nodes in the route. The proposed trust evaluation strategy, which is executed by each node in the system autonomously, utilizes just nearby data in this manner making it adaptable. In addition, not at all like different strategies in light of checking movement that require a considerable measure of space and time for buffering packets and looking for a packet match, our approach does not require such an overhead. Additionally, we fuse our proposed system with the conventional routing protocol AODV. Reproduction comes about outline the viability of our approach.

Change history

• 05 December 2022

  This article has been retracted. Please see the Retraction Notice for more detail: https://doi.org/10.1007/s10586-022-03834-6