Upload
jock
View
44
Download
0
Tags:
Embed Size (px)
DESCRIPTION
New Approach for Selfish Nodes Detection in Mobile Ad hoc Networks Djamel Djenouri: Basic Software Laboratory, CERIST Center of Research, Algiers, Algeria. Email: [email protected] Nadjib Badache: Computer Science Department, USTHB University, Algiers, Algeria. - PowerPoint PPT Presentation
Citation preview
SeCQos Workshop, Athens, September 2005
1
New Approach for Selfish Nodes Detection in Mobile Ad hoc
Networks
Djamel Djenouri: Basic Software Laboratory, CERIST Center of Research, Algiers, Algeria.E mail: [email protected] Nadjib Badache: Computer Science Department, USTHB University, Algiers, Algeria.E mail: [email protected]
SeCQos Workshop, Athens, September 2005
2
Outline
1 Overview on Mobile Ad hoc Networks (MANETs) 2 Selfish behavior on packet forwarding problem 3 Watchdog4 Watchdog’s limitation5 New Solution6 Simulation results7 Perspectives8 Conclusion
SeCQos Workshop, Athens, September 2005
3
A MANET is a collection of Wireless mobile hosts making on the fly a temporary network, without relying on any fixed infrastructure. No central administration exists Mobile hosts cooperate to ensure roles ensured by the fixed infrastructure in traditional networks
MANET Overview (Definition)
SeCQos Workshop, Athens, September 2005
4
MANET Overview (Multi-Hop)
SeCQos Workshop, Athens, September 2005
5
• Dynamic Topology• Limited bandwidth• Limited physical Security• Infrastructurless• Limited energy resources
MANET’s features
SeCQos Workshop, Athens, September 2005
6
Selfish behavior
SeCQos Workshop, Athens, September 2005
7
Watchdog
• Proposed by Marti et al. In MobiCom 2000
• Many recent sophisticated solutions rely on it in their monitoring component
SeCQos Workshop, Athens, September 2005
8
Watchdog’s principles
• Based on the promiscuous mode monitoring and implemented with a source routing protocol.
• When a node Na sends a packet to Nb to forward to Nc, it monitors it by simply overhearing the channel, it validates the forwarding iff it overhears the packet retransmitted by Nb.
• This process is generated for each couple of hops in the route
SeCQos Workshop, Athens, September 2005
9
WatchdogIf packet heard OK
Else increase Nc’s failure Tally
failure Tally > threshold the node misbehave
SeCQos Workshop, Athens, September 2005
10
Watchdog’s detection drawbacks
• Does not detect correctly and could cause false detections when the power control technique is employed
• Does not detect selfish nodes in many cases (collisions, partial dropping, collusions)
SeCQos Workshop, Athens, September 2005
11
SeCQos Workshop, Athens, September 2005
12
New solution (Two-hop ACK)
• We propose a new monitoring solution based on two-hop ACK.
• Assume A monitors B’s forwarding to C, this latter acknowledges each packet by sending a two hop ACK back to A via B.
• An efficient asymmetric encryption strategy is used to ensure authenticity of ACKs and to prevent the following vulnerability:
SeCQos Workshop, Athens, September 2005
13
New solution (hop ACK)
• B misbehaves and drops packets, to circumvent A it sends it a falsified ACK on behalf of C.
• The encryption strategy we used gets over this vulnerability and,
• it is relatively of low cost, since it merely encrypts short random numbers, instead of compute digital signature on the packets.
SeCQos Workshop, Athens, September 2005
14
New solution (hop ACK)
- Generates r- Encrypts it with C’s PK- Adds it to the packet
- Decrypts r- Encrypts it with A’s PK- Adds it to a 2 hop ACK packet
- Decrypts r- - Checks whether it matches the one it generates - If so, it validates the forwarding
SeCQos Workshop, Athens, September 2005
15
Simulation results
SeCQos Workshop, Athens, September 2005
16
Two-hop ACKs Problem
• The obvious problem of our first solution is the important overhead it engenders, even if the nodes well behave. It requires a two-hop ACK for each data packet, which is costly.
SeCQos Workshop, Athens, September 2005
17
Perspectives
We plan to complete the proposal by • Reduce the overhead• Defining efficiently the threshold of
accusasion• Defining actions that have to be taken
when a node is accused as a selfish• and particulary by proposing a mechanism
allowing nodes to exchange their knowledge regarding nodes that behave selfishly.
SeCQos Workshop, Athens, September 2005
18
Random two-hop ACK
• To overcome the two-hop cost, we suggest that A would not continuously ask an ACK, but randomly decides whether to do so with a probability p, and maps the decision in the packet.
• This randomization and mapping prevent B from deducing which packet includes an ACK request, and let it motivated to forward all packets
SeCQos Workshop, Athens, September 2005
19
Random two-hop ACK
• P is updated according to B’s behavior, it is decreased each time B forward a packet until reaching its minimum value, and set to 1 upon a dropping detection.
• This way, more trust is accorded to well-behaving nodes and ACK ask is enforced after a dropping, which ensure the efficiency and decreases the cost especially when selfish nodes rate is low, as shown in the simulation results
SeCQos Workshop, Athens, September 2005
20
Conclusion
• Our solution is operational regardless the power control employment
• It reduces the false detection rate with low cost (energy and delay)
• The random two-hop ACK reduces dramatically the overhead
SeCQos Workshop, Athens, September 2005
21
?