1 Introduction

Nowadays, due to advancement in technology in the area of wireless networks there are security threat issues, especially, malicious entry to the nodes. It is mandatory to protect the data and resources from security attacks and safeguard the network. In areas of applications like military, rescue operations, government, business and academic organizations, eavesdropping and electronic fraud are major risks to the administration. When some secret information has to be shared between two parties, messages should be encrypted using strong algorithmic concepts, digitally signed and properly authenticated. Proper selection of routing protocols and hashing functions play a major role in network security. In MANET, the secure, efficient distance vector routing for MANET (SEAD) [1] described the evaluation of dynamic sequence distance vector (DSDV) for the secure routing protocol. This process supports the protection to denial of Service (DOS) attacks and robust compared to a couple of encoding attackers rising the incorrect routing state in a few other nodes. According to this, SEAD shared has to be more readily authenticated. The enhanced acknowledgement concept has been proposed [2] in which the malicious nodes are detected with the help of the techniques such as acknowledgement (ACK), SACK, and MRA.

Considering the ACK, the sender sends a message to the receiver through a direction by the help of a signed keying technique. This technique uses a separate hash function called hand key function ‘S’. The signed messages are sent to the receiver through intermediate nodes to the destination and destination node after receiving a message, it sends back the ACK message back to the sender node. If the ACK message is received in a particular time, then the network is said to be good. If the ACK message is not received, then the algorithm moves to next phase SACK. In a SACK, the root nodes are clustered and ACK messages are sent in-between them, if some of the nodes are not sending the ACK message then the node is detected as malicious node and the report is sent to sender for verification.

During verification, the sender node receives the report packets, and reverts those particular packets to the destination in alternate path. The receiver checks for correctness and the destination’s report is matched with the sender’s report after which the node is marked as malicious node. But they still lack the ability to efficiently classify the normal node from the malicious node. The hybrid approach of efficient Intrusion Detection System [3] has been proposed to identify isolation of attacks by using reactive and proactive protocols. Here a cluster forms and chooses a cluster head to transfer the packets among other nodes without malicious activities. But the rule for cluster consistency has to be improved in fuzzy control systems. A fuzzy based system has been proposed [4] by comparing the cluster nodes to improve security.

But this paper spends a lots of time and energy for detecting the malicious via locally and globally by broadcasting the key. Fuzzy based application has been proposed [5,6,7,8] to improve the security of cluster nodes as well as system performance by selecting the nodes with a secret key. Schemes such as F2SMC2 and F2SMC1 have been introduced. The F2SMC2 is more complex while analyzing this concept. Uncertainty Analysis Framework (UAF) has been proposed to calculate network belief, disbelief, and uncertainty (BDU) values, in which the network belief and gain increase in Packet delivery ratio to improve more trust, based routing protocol. According to this paper there are no sophisticated parameters to measure, disbelief and uncertainty values.

An optimized Fingerprint Minutiae-point Non-invertible Key (FMNK) [9,10,11] has been proposed to secure, authenticates the MANET by using a Secure Socket Layer (SSL) as well as utilizing a biometric image model. Here the information is encrypted by applying key to increase security. By rendering this concept and using SSL encryption algorithm m model with FMK key produces more complexity. As we observe from the literature that most of the investigations still require more security and less complexity. The proposed method concentrates on more on security and to achieve less network complexity. This is done by using a CBSDV scheme in which all the data of the nodes entering into a network or exiting from the network are maintained by Credibility Check Table (CCT) and update automatically. Here, secure data transmissions in MANETs are obtained with the help of an efficient routing protocol and cryptographic keying technique. Two steps are involved, first routing and then cryptographic keying for protection of packets in the transmission.

Further the Packet Delivery Ratio increases, the delay decrease, thereby decreasing the network complexity.

The rest of the paper is organized as follows. The current chapter gives the literature survey and problem definition. Section 2 gives a brief description of the proposed system model. Section, 3 gives a research methodology. Performance analysis is illustrated in Sect. 4, result in Sect. 5. Finally concluding remarks are given in Sect. 6.

2 System model

The system model of the Fig. 1 shows the proposed methodology as well as it is divided into three steps.

Fig. 1
figure 1

Proposed methodology (step 1, step 2, step 3)

Full size image

Step 1 In this, the main node creates a public key and sends to all the nodes present in the network to initialize the process. The system model of the network consists of 27 nodes. Assuming that 27th node generates the common public key to all other nodes, and it initializes.

In step 2, node 0 broadcasts the route request to neighbor nodes. Here the nearest neighbor node is node 1. Node1 once receive the request, send the acknowledgement to node 0. Then the node 0 will be initialized for its more process.

In step 3, by using CBSDV technique node 0 checks node 1’s qualifications by matching it with the “Credibility Check Table”. If it does match with that table, then node 1 is said to be malicious and it drops that node. If it matches, it performs the curve function which is y = ax2 + bx + c and then substitute the values in S = (x2 − x1)/(y2 − y1).

Let this value be S. If S is greater than the threshold value for single node, node 1 is said to be malicious and it will be dropped out. If the value of S is less than or equal to the threshold value for single node the encrypted message along with the encrypted secret key of node 0 will be sent to node 1. Now node 1 will proceed the communication.

  • Step 1 Main node generates the public key

    figure c

  • Step 2 Node sends route request and gives acknowledgement

    figure d

  • Step 3 Checking with credibility check table and applying curve based cryptography for security

3 Research methodology

In this proposed methodology, two techniques are considered such as CBSDV routing protocol and curve based cryptography that gives security in wireless MANET. The hashing function is used and its speciality is that every node changes its secret key after sharing its keys to the corresponding nodes in achieving maximum security, which is described in below.

3.1 Routing protocol

For node to node communication CBSDV routing protocol is used, which is a table based routing protocol. CCT is a subpart of CBSDV on which the source node collects all the information about the nearby one such as hop count, time taken, energy values and the trust scores (credibility score) of the communication networks. Three conditions have to be satisfied for achieving a good credibility score are as follows:

  1. 1.

    The node should be already an existing node.

  2. 2.

    The node should be the shortest route while travelling from source to destination.

  3. 3.

    When the source sends the ‘test’ message to a particular node, it has to finish the transmission to its neighbour node within a specific time limit.

Table 1 shows an example of source node CCT as well as Fig. 2 depicts the working process of CBSDV and CCT, Fig. 3 shows the algorithm for CBSDV. It can be clearly seen that for node A1 routing concept, the number of hops is 3, credibility score is the maximum which is 46 and the sequence time is 001000 ms. For node A4 and node A6 routing concepts, the number of hops are 2 and 1, credibility scores are 36 and 26, for the sequence time 001200 and 001500 respectively.

Table 1 Example of source node credibility check table (CCT)
Full size table
Fig. 2
figure 2

Working process of CBSDV and CCT

Full size image
Fig. 3
figure 3

Algorithm for CBSDV

Full size image

Figure3 shows about the algorithm for CBSDV. It shows about how the hash function secures the data while at transferring. The Credibility Vector Table (CVT) updates and checks the information of each transmission once the node enters into the network. If it matches allow transferring the data for transmission else it drops the data.

Here for understanding three paths are taken for transfer of data from source to the sink node. Figure 4 shows the routing concept using three paths. The first path is source, A1,A2, A3, sink. The second path is source, A4, A5, sink. The last path is source, A6, sink.

Fig. 4
figure 4

Routing concept using three paths

Full size image

3.2 Cryptographic technique used for data security

To secure data from external attacks, we need a security algorithm to protect the data from being decrypted by an attacker node. The security algorithm used for this purpose is curve based cryptographic technique.

3.3 Curve based cryptography keyin

It is a public key cryptographic technique which can be also said as two-key cryptography technique. The encryption is done by curve function and the curve, which is used for encryption is sent only to genuine nodes. In this method the key value’s i.e. both public and private key will be encrypted on another curve function equation. For example curve equation of a parabola is written as

$$y = ax^{2} + bx + c$$
(1)

where a, b are the co-efficient of the parabola and C is a constant value which are the values sent as the public key. A, B are intercepts of the parabola.

Consider, for example: a = 2, b = 4. And c = 5 in this case.

For calculating the value of the slope (Which is the secret key), a line has to be drawn connecting the origin (−1, 3) and (0, c) the value of c is 5 in this equation.

The slope function of that curve will be given as.

$$\begin{aligned} S = \frac{{x_{2} - x_{1} }}{{y_{2} - y_{1} }} \hfill \\ S = \frac{{0 - \left( { - 1} \right)}}{5 - 3}, \hfill \\ \end{aligned}$$
(2)

therefore the value of S is 0.5.

This is used as the secret key.

Figure 5 shows technique for the curve function used is a parabola, and the curve function which is used to encrypt the data has to be updated regularly. This increases the security of the encryption. By this way the curve function is updated regularly in a successful transmission made by the data. In this curve based cryptographic technique. Where x and y are the private keys and intercepts of the curve. a, b are the co-efficient values which act as the public key. ‘K’ is the number of bits that are transferred from the sender. The sender sends the message with a public key to all the nodes surrounding the sender node and the receiver node decrypts the message.

Fig. 5
figure 5

Example of curve based cryptography

Full size image

Figure 6 illustrates the steps for curve based cryptography. Every node assigns a hash function (Curve function) that can be encrypted with true nodes in the transmission. The nodes that cannot decrypt the message is assigned as malicious nodes. To detect whether the node has taken part in the transmission, the key hashing methods has to be updated regularly. This removes the effect of malicious nodes entering into the transmission.

Fig. 6
figure 6

Steps for curve based cryptography

Full size image

4 Performance analyses

The proposed KEY mode technique performance is analyzed by using three types of modes called ACK, SACK and MRA. The number of wireless nodes for ACK, SACK and MRA are 25 whereas in key mode it is 27. The network size is assumed to be same for all the modes. For the existing modes which are ACK, SACK and MRA the protocol used is AODV whereas it is CBSDV for key mode. Table 2 shows that the range of node communication for ACK, SACK, MRA and KEY modes are 500, 900, 1000 and 1000 m respectively. Maximum transmission of data is achieved only in KEY mode which is 100 to 900 m. Similarly, maximum throughput and bandwidth are achieved in the KEY mode which are 100 mbps and 1000 mbps respectively. The frequency and packet transmission are maintained the same for all the modes which are 50 Hz and 1000 bytes respectively. KEY mode has the highest packet rate which is 1000 mbps. As far as the request message interval is concerned, it is 10–20 s for the KEY mode which is an added advantage. Finally, the simulation time is achieved to be the same for all the modes which is 2000 s.

Table 2 Proposed technique CBSDV with key mode
Full size table

5 Results

The data transmission of the proposed methodology which is CBSDV along with the EC is compared with existing methodology which are EAACK (RSA) and EAACK (DSA). The results are discussed as follows.

Figure 7 Shows the time versus delay of transmission graph. X-axis denotes the number of users performing the communication and Y-axis is the time taken for delay of transmission. First of all end–end delay transmission is calculated and the data is transmitted without applying the key. The transmission with the key and the throughput for 20 users are 13 and 12.5 ms respectively, both decrease as the number of users increase. For 150 and 200 users they increase and reach 11.5 and 10.5 ms respectively. i.e. for 150 users the delay is very less which is a positive one. As far as end–end-delay is concerned, it also decreases initially, but there is a sudden increase when the number of users are 200. This shows that there is a malicious activity or packet drops at the point 13 ms. Finally the number of users increase and there is a gradual decrease in latency which is 11 ms. Therefore, the malicious node is found in this process.

Fig. 7
figure 7

Time versus delay of transmission graph

Full size image

Figure 8 shows time versus PDR. The Packet Delivery Ratio is the ratio of number of packets received to the number of packets sent. The graph shows the latency of communication. From the above graph it can be clearly seen that the data transmission with the key and the throughput for 20 users are 13 and 12.5 ms respectively, both decrease as the number of users increase. For 150 and 200 users they increase and reach 11.5 and 10.5 ms respectively. i.e., for 150 users the delay is very less which is a positive one. As far as end to end delay is concerned it also decreases initially, but there is a sudden increase when the number of users are 200. This shows that there is a malicious activity or packet drop at the point 13 ms.

Fig. 8
figure 8

Time versus packet delivery ratio (PDR)

Full size image

Finally the number of users increase and there is a gradual decrease in latency which is 11 ms. As a result malicious is found in this process.

$$PDR = \frac{No\;of\;packets\;received}{No\;of\;packets\;sent}$$
(3)

Equation (3) says that generally packet delivery ratio is nothing but the number of packets received is divided by number of packets sent. The packet delivery ratio increases parallel with the increasing in secure key maintenance and verification of packet size level (i.e.) buffer size level. X-axis denotes the time (s) whereas Y-axis denotes the Packet delivery ratio. From the above graph it can be seen that as the time increases the data transmission with ‘Time To Live’ (TTL) keeps on decreasing until 150 s. But after 150 s it tends to increase faster and finally maintains a constancy of Packet delivery Ratio (PDR) of 13.5. The delay keeps on decreasing and maintains constancy at 2.5.

By using the unique secret key the data transmission takes place securely till the destination is reached even though there is a drop in the packets. By using the secret key mechanism, the packet delivery ratio is increased and also there is a reduction in the delay of transmission in the network.

Figure 9 shows the time versus throughput. X-axis denotes the number of user request and Y-axis denotes the throughput (Mbps) for increasing the Packet delivery ratio. The graph depicts that as a number of request increases, the data transmission with TTL and key maintenance increases and reaches a throughput of 9 and 6.9 respectively. Meanwhile as the number of request increases the buffer level verification also increases till a throughput of 6.2 is reached. But it maintains almost constancy and reaches a throughput of 6.9.

Fig. 9
figure 9

Time versus throughput in communication

Full size image

When the packet size increases or decreases from the initial packet size level, packet drop occurs in the secured network but the throughput detects the secure key and improves the throughput performance in the network.

6 Conclusion

In this paper, we have proposed an approach using CBSDV with Curve based cryptography along with Hashing function to improve the security level. whenever misbehavior occurs a unique key is generated, to achieve a secure transmission. since it is time-based key, it changes from time to time and it is easy to verify. To improve further, the key mode is used when the delay occurrence is found while dissatisfying the TTL and it also identifies the duplicate key in the network. CCT checks the data of every node and finds the malicious activity. The hashing function is used and it helps to update the secret key after the detection of every malicious activity. The encryption is done using the curve function in curve based cryptography, there is a chance of detecting the malicious activity. Therefore this proposed Cryptography techniques are used to hide the data Source Node ID, Packet Size, Node Location, and Destination Location and so on. Simulation results show that proposed scheme provides better secure network and CBSDV, hop count, time duration, energy values and trust scores decided the network performance between the source and destination in the network. However, this research work can be extended with energy harvesting and increasing the network lifetime.