
International Journal of Computer Science and Applications, Technomathematics Research Foundation

Vol. 14, No. 2, pp. 142-163, 2017

SECURE INTELLIGENCE ALGORITHM FOR DATA TRANSMISSION IN INTEGRATED INTERNET MANET

C. ATHEEQ

Research Scholar, B. S. Abdur Rahman University, Vandalur, Chennai, Tamil Nadu 600048

M. MUNIR AHAMED RABBANI

Professor, B. S. Abdur Rahman University, Vandalur, Chennai, Tamil Nadu 600048

Integrating a MANET with the internet makes the MANET a heterogeneous network and increases its application area and communication range. Communication is achieved through the gateway used in the integration process, which helps mobile nodes in the MANET interact with fixed nodes in the internet or access internet resources. A heterogeneous MANET has a dynamic and distributed nature that opens multiple malware entry points, which increases the security risk for the Integrated Internet MANET (IIM). In recent approaches, communication between mobile nodes and fixed nodes in IIM is based on gateway discovery approaches and trust-based approaches that lack security. So there is a need to develop an effective method for communication that uses cryptographic techniques and resolves the attacks on integration. We provide a Secure Intelligence Algorithm (SIA) for data transmission between a mobile node and a fixed node in IIM. The proposed algorithm has three phases. In the first phase, misbehavior nodes in MANETs are identified; in the second phase, trusted nodes are verified; and in the third phase, a session key is established between the mobile node and the fixed node by a mutual authentication process. The proposed technique provides effective elimination of misbehavior nodes and lower computational cost in the key agreement process when compared to existing strategies.

Keywords: integration, malicious nodes, promiscuous, intelligence, mutual authentication.

1. Introduction

A Mobile Ad hoc Network (MANET) is a temporary, self-organized wireless network that consists of homogeneous mobile nodes. These infrastructure-less networks are generally used in domains where centralized communication is not readily available. Every node in a MANET has constrained resources and can act as a host or a router, and communication is achieved in a peer-to-peer fashion by exchanging messages. Mobile nodes have limited transmission range and can communicate only within their region. Because MANETs are dynamic, i.e. any node can enter and leave the network at any time, they should be managed in an effective manner. As MANETs have a limited communication domain in which mobile nodes cannot access internet resources, they do not provide effective utilization of resources. So, in order to utilize resources effectively, provide user applications and share distributed resources, MANETs must be interconnected to the internet. However, this arrangement makes the MANET a heterogeneous network with a lack of security [Melaku, H.M. et al., 2015]. The architecture of the integrated internet MANET is represented in figure 1.

Fig. 1 Architecture of Integration of Internet MANET

The integration provides the maximum number of communicating entities to both the MANET and the internet. A mobile node can interact with the internet with the help of gateways [Jisha, G. et al., 2016] that act as a bridge between the two different types of networks. A number of routing methods have been presented by [Sivakumar, T. and Manoharan, R., 2015, Sumathi, K. et al., 2015, Abduljalil, F.M. and Bodhe, S.K., 2007, Ramanarayana, K. and Jacob, L., 2007] to route packets from source to destination. There are three approaches to identifying gateways, namely proactive, reactive and hybrid. In the proactive method, the gateway initiates the registration process for mobile nodes by broadcasting GW_ADV control packets. In the reactive method, mobile nodes in MANETs broadcast GW_SOL control packets to discover the gateways. In the hybrid method, both proactive and reactive methods are incorporated, and initiation is done by the gateway as well as the mobile node. To route a packet from one node to another, the well-known AODV algorithm is modified for use in the routing process in IIM, as standard AODV is limited to homogeneous mobile nodes.

However, these approaches have no appropriate technique to mitigate malicious nodes in IIM. To resolve the issue, we let the network enter promiscuous mode, in which the source node can observe the behavior of all other nodes. A mobile node may not forward all the packets it has received, intentionally dropping them or not forwarding them; when this packet dropping level reaches the threshold value, the IP address of the mobile node is made known to all other nodes in the network by broadcasting a message indicating its misbehavior.


A node may drop packets under two conditions: intentionally and unintentionally. A node is an intentional misbehavior node if it first agrees to forward packets to its neighbor nodes and then fails to do so. Mobile nodes in a MANET, which is a resource-constrained network, have limited properties such as battery power and buffer space, which can lead a mobile node to drop a packet without processing it; this is unintentional misbehavior. Mobile nodes that drop packets for these reasons are not treated as malicious nodes. Hence it is necessary to verify the reason behind packet dropping and find the actual misbehavior nodes.

After the malicious nodes are notified in the network, the trust value is calculated for the remaining nodes in order to select the next neighbor node for data transmission. The node with the maximum trust value is considered for data transmission, and this process is carried out for the selected neighbors.

Authenticating the mobile node with the fixed node in IIM is an important aspect, as there are a number of decentralized entry points through which malicious nodes can enter the application domain of MANETs and misbehave in order to affect the communication between the end parties. End nodes that are mutually authenticated have a secure way to exchange data that is protected from misbehaving nodes [Tahat, N., 2016].

Apart from the different methodologies and vendors that address these problems with policy-based methods for security and provisioning, a lot of research has been done on protecting data from misbehaving entities in IIM. Centralized networks are IP dependent, and exchanging data in IIM through the gateway in the presence of unauthenticated nodes is complex and suffers from poor performance in a heterogeneous MANET. This motivates us to develop a mechanism for mutual authentication in IIM that minimizes the security risk.

The main focus of our work is to identify and eliminate the misbehavior nodes based on the intentional packet drop reason and to authenticate the trusted mobile node and fixed nodes when integrating the internet with MANET. A secure intelligence algorithm is therefore required for authenticating the end parties in IIM after eliminating the misbehavior nodes, so that data transmission can take place in a secure manner, and for reducing the security risk in IIM by eliminating the false misbehaving attack. Nodes are checked for whether they drop packets intentionally or unintentionally in order to identify the actual misbehavior nodes.

The remaining part of this paper is organized as follows. Section 2 deals with previous strategies for identifying misbehavior nodes and for authentication, Section 3 presents the required preliminaries, and Section 4 describes the proposed scenario in detail. Results are presented in Section 5, and Section 6 concludes the paper.


2. Related Work

In the past few decades, [Sivakami, T. and Shanmugavel, S., 2011, Ding, S., 2008] have proposed methodologies to interconnect the internet with MANET so that mobile nodes in the MANET can interact with fixed nodes in the internet, using the gateway for interconnection. To route packets from a mobile node in the MANET to a fixed node in the internet, the authors worked on the well-known Ad hoc On-demand Distance Vector (AODV) routing algorithm, because standard AODV supports routing only between autonomous mobile users. The gateway discovery approaches presented there are the proactive, reactive and hybrid methods. All these methods find the gateway in order to register mobile nodes and allow them to route packets from mobile nodes to the fixed node through the gateway, without considering the presence of malicious nodes, which also register with the gateway and go on to route wrong messages or interfere in the communication between mobile node and fixed node in IIM. So in our approach, we identify the malicious nodes and then allow the mobile nodes to register with the gateway, by which we can protect our data from malicious nodes [Rai, A.K. et al., 2010].

[Thachil, F. and Shet, K.C., 2012] presented a technique to resolve the black hole attack in which every node observes its neighbor node by keeping a cache that records the operations performed on packets by that neighbor. The trust value of the neighbor node is evaluated based on whether it further forwards the packets it has received. If the evaluated trust value lies below the threshold, the node is considered malicious, but the evaluation of the trust value does not consider the packet dropping reason.

[Rachh, A.V. et al., 2014] proposed Enhance Black hole AODV, which develops parent nodes for identifying misbehaving nodes. When the source node sends an RREQ, a timer is set up; when the request message is received within the expected time, a pseudo message is transmitted to the destination, and when the acknowledgement is received, the source sends the original message. If the ACKs are not received, packets are dropped. In this paper, the proper method of selecting a head node is not specified; moreover, delivering pseudo packets leads to overhead, and the reason for packet dropping is not considered.

Routing protocols proposed by [Rajaram, A. and Palaniswami, S., 2010, Hu, Y.C. et al., 2003, Castelluccia, C. and Montenegro, G., 2002] focus on discovering a secure path depending on public key infrastructure, in which a third party is responsible for system dependency. PKI creates more overhead with respect to key management. The protocols of [Kshirsagar, D. and Patil, A., 2013] resolve the black hole attack without specifying the cause of packet dropping.

[Siddiqua, A., et al., 2015] proposed a technique for resolving the black hole attack. It observes the packets that are forwarded in promiscuous mode before deciding that a specific node is a black hole node, to guarantee that the packets are received by their destination. The algorithm observes the node to identify the reason behind packet dropping, and accounts for a trustworthy node turning into a black hole node. But to make secure communication more effective, authentication of the end parties should be considered in order to resolve the false reporting attack.

[Zeba Naaz, et al., 2017] proposed a mechanism to authenticate the mobile node with the fixed node using Chebyshev polynomials. In this paper the composition property is used to generate the secret key at the mobile node as well as the fixed node for authentication. The outcome of the mechanism is compared with the existing RSA cryptographic technique in terms of the time for generating the secret key. The proposed model has low computational cost when compared to RSA, but node misbehavior factors are not considered, although mobile nodes are dynamic in nature, and the reason for dropping packets is not established.

All the above-mentioned strategies individually lack a single integrated mechanism that provides an effective method for communication in IIM by minimizing attacks such as misbehavior nodes and authenticating the trusted mobile node and the fixed node, so that the data they share is protected from misbehaving third parties. So we provide an integrated mechanism that covers all these aspects and provides better communication by reducing the computational cost of the cryptographic phase used.

3. Preliminaries

In MANETs, nodes may drop packets intentionally or unintentionally. The factors that lead to unintentional packet dropping are limited energy, limited queue length and transmission range.

3.1 Energy:

The energy of all nodes in MANETs is constrained, particularly for mobile devices, and activities such as discovering neighbors and exchanging information consume energy. Once a node's energy is depleted, it no longer has the capacity to forward the packets in its buffer [Chan, H.F. and Rudolph, H., 2015]. If the energy of a large number of nodes in the network runs down, the performance of IIM degrades, leading to unreliable services. Nodes with lower energy values should therefore be handled with care so that energy is utilized effectively.

3.2 Buffer:

The mobile nodes have finite buffer space for packet operations under the store-and-forward principle. If node buffers are sufficient, the result is good performance in terms of high delivery rate and short delivery delay. In practice, however, although the buffer space of recent mobile nodes is larger, the buffer space available for sharing is very limited [Kobbane, A. et al., 2013]. If the shared buffer space of a mobile device is full, the node will neither discard a packet from the buffer to make room for newly arrived ones nor receive any more packets; at the same time more data forwarding opportunities are wasted, which decreases the network's performance. If, on the other hand, the node accepts new packets, it must discard packets in the buffer, which likewise diminishes delivery quality. So, from an experimental perspective, buffer space is also an essential element that should be fully considered.

3.3 Trust:

Selecting a trusted mobile node in MANET for secure data transmission is an important aspect of integrating the internet with MANET, as the openness of MANETs creates multiple malware entry points. A trust methodology is therefore required in this environment, in which mobile nodes select trustworthy neighbor nodes, and not only optimal ones, for communication.

3.4 Chaotic maps:

With the rapid development of chaos theory in cryptography [Hussain, I. et al., 2012, Hussain, I. et al., 2013, Khan, M. 2013, Ozkaynak, F. and Yavuz, S., 2013], a large number of key management protocols that use chaotic maps have been studied. Protocols based on chaos fall into three types according to the number of nodes: two-tier, three-tier and multi-tier key agreement schemes for authentication [Xie, Q. et al., 2013]. Improvements in efficiency with new security properties appear in the literature. Recently, secret-key-based key agreement for authentication in a three-level architecture using modular exponentiation or scalar multiplication on an elliptic curve has been addressed extensively [Gong, P. et al., 2012, Niu, Y. and Wang, X., 2011, Xue, K. and Hong, P., 2012, Yoon, E.J., 2012, Tan, Z., 2013, Lee, C.C. and Hsu, C.W., 2013, Guo, C. and Chang, C.C., 2013]. Nevertheless, these schemes carry a considerable computational burden, and key management schemes for authentication on a three-level architecture are still under investigation.

Our work aims at protected communication with authentication as the security goal, as it is the best way to deal with trustworthiness and false misbehavior in data transmission from mobile node to fixed node. The composition property of Chebyshev polynomials [Lee, C.C. et al., 2013, Lai, H. et al., 2014, Wu, S. et al., 2013, Xie, Q. et al., 2013, Zhu, H., 2015, Zhen, P. et al., 2014] supports two-party key agreement, which allows the communicating parties to exchange public keys over an unprotected channel and generate a common secret key between them. The strategies in [Yoon, E.J. and Jeon, I.S., 2011, Lai, H. et al., 2012, Zhao, F. et al., 2013] present authentication based on Chebyshev polynomials for key agreement, yet they assume that private information is exchanged over some secured medium, and they are restricted to MANET. This motivates us to adopt another procedure to provide key management for mutual authentication in IIM.


3.5 Defining Chebyshev Polynomials:

Let us assume that n be an integer and x be a variable in the intervals [-1, 1]. The

Chebyshev polynomial :[-1,1] → [-1,1] can be defined as = cos(n

(x)). Under the current relationship for the degree of n, Chebyshev polynomial map :

R→R presented by Lee, C.C. et al., 2013 is given in eq. no. 1:

, (1)

Where n2 , 1, and x .

Some of the first few Chebyshev polynomials are given as:

… … … …

The Semi group property of Chebyshev polynomials which is obtained by fulfilling the

eq. no. 2 as

(2)

A quick result of this property is that Chebyshev polynomials drive under Composition in

eq. no 3.

(3)

For enhancing protection, [Cai, Z. et al., 2015] proposed the semi-group idea that impact

Chebyshev polynomials given in interim [-∞,+∞] . Enhanced Chebyshev chaotic maps

are used in designed method as in eq. no 4:

(4)

Where n2 , x(,) , and N is a large prime number. Obviously their relation is

represented in eq. no. 5,

(5)

Definition 1: Semi-group property of Chebyshev polynomials:

Definition 2: The Chaos Map Based Discrete Logarithmic Problem (CMBDLP) is defined as follows: given the arguments x and y, it is difficult to discover the whole number s such that Ts(x)=y.


Definition 3: The Chaos Map Based Diffie-Hellman Problem (CMBDHP) is so called

because it is difficult to evaluate =y by considering x, & .
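The semi-group property and the Diffie-Hellman-style problem defined above can be exercised with a Chebyshev map taken modulo a prime. The following Python code is an added example, not code from the paper: it uses the standard recurrence T_n(x) = 2x*T_{n-1}(x) - T_{n-2}(x) mod N with T_0 = 1 and T_1 = x, and the modulus, public value, secrets, node identities and SHA-256 key derivation are constructed assumptions.

```python
import hashlib


def _mat_mul(a, b, n_mod):
    """Multiply two 2x2 matrices stored as (a00, a01, a10, a11) modulo n_mod."""
    return (
        (a[0] * b[0] + a[1] * b[2]) % n_mod,
        (a[0] * b[1] + a[1] * b[3]) % n_mod,
        (a[2] * b[0] + a[3] * b[2]) % n_mod,
        (a[2] * b[1] + a[3] * b[3]) % n_mod,
    )


def chebyshev_mod(n, x, n_mod):
    """Return T_n(x) mod n_mod in O(log n) matrix multiplications.

    [T_{k+1}, T_k] = M * [T_k, T_{k-1}] with M = [[2x, -1], [1, 0]],
    so [T_n, T_{n-1}] = M^(n-1) * [T_1, T_0] = M^(n-1) * [x, 1].
    """
    if n < 0:
        raise ValueError("degree must be non-negative")
    if n == 0:
        return 1 % n_mod
    x %= n_mod
    result = (1, 0, 0, 1)                        # identity matrix
    base = ((2 * x) % n_mod, n_mod - 1, 1, 0)    # M, with -1 written as n_mod - 1
    exp = n - 1
    while exp:                                   # square-and-multiply
        if exp & 1:
            result = _mat_mul(result, base, n_mod)
        base = _mat_mul(base, base, n_mod)
        exp >>= 1
    return (result[0] * x + result[1]) % n_mod


# Constructed demonstration parameters (not values from the paper).
N_MOD = 2**127 - 1                               # large prime modulus N
X_PUBLIC = 0x1234567890ABCDEF1234567890ABCDEF    # public information 'x'
M_SECRET = 2**61 - 1                             # secret prime 'm' of the mobile node
F_SECRET = 2**89 - 1                             # secret prime 'f' of the fixed node


def derive_session_key(shared, id_mn, id_gw, id_fn):
    """Assumed derivation: SHA-256 over the three identities and the shared value."""
    material = b"|".join([id_mn, id_gw, id_fn, shared.to_bytes(16, "big")])
    return hashlib.sha256(material).digest()


def key_agreement():
    """Both ends derive the same key because T_m(T_f(x)) = T_f(T_m(x)) = T_mf(x)."""
    pub_mn = chebyshev_mod(M_SECRET, X_PUBLIC, N_MOD)   # sent MN -> FN in the clear
    pub_fn = chebyshev_mod(F_SECRET, X_PUBLIC, N_MOD)   # sent FN -> MN in the clear
    shared_mn = chebyshev_mod(M_SECRET, pub_fn, N_MOD)  # computed by the mobile node
    shared_fn = chebyshev_mod(F_SECRET, pub_mn, N_MOD)  # computed by the fixed node
    ids = (b"MN-01", b"GW-01", b"FN-01")                # hypothetical identities
    return (derive_session_key(shared_mn, *ids),
            derive_session_key(shared_fn, *ids))


if __name__ == "__main__":
    sk_mn, sk_fn = key_agreement()
    print("keys match:", sk_mn == sk_fn)
    print("session key:", sk_mn.hex())
```

The secrets are fixed here so the run is reproducible; an eavesdropper who sees only x, T_m(x) and T_f(x) faces the problem stated in Definition 3.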

In the recent approaches, the polynomial used in the cryptosystems leads to minimal

utilization of time for generation of the secret key that is being shared by the end

parties of authentication.

Fig. 2. Comparison of RSA, ECC, HASH, Symmetric Algorithm and Chaotic map

based algorithm.

A comparison of key generation based on RSA, ECC [Gharib M, et al., 2017], HASH, symmetric algorithms and chaotic maps is shown in figure 2. It demonstrates that the chaotic map based technique has less computational overhead than RSA and ECC. As the key size increases, the time taken to generate the key also increases; in the figure, for a key size of 1024 bits, RSA consumes 0.080058 sec, while a key of the same size generated using chaotic maps consumes 0.002699 sec. So our proposed protocol takes less time to generate a key than RSA.

3.6 One-way Hash function

The properties of a hash function h: a→b in a cryptosystem are as follows:

1. The function h accepts input of arbitrary size and produces a digest of fixed size as output.

2. The function h is one-way: given a, it is easy to compute h(a) = b, but given b, it is hard to calculate a.

3. Given a, it is computationally infeasible to find a' such that a' ≠ a but h(a') = h(a).

It is also infeasible to find any pair a, a' such that a' ≠ a but h(a') = h(a).

3.7 Symmetric key algorithm

The phases that are involved in Symmetric key algorithm are as follows and the flow

chart is represented in figure 3.


1. Generation of secret key

2. Encryption of the plain text (P) with the help of in order to generate the

cipher text (C)

3. Decryption of cipher text (C) with the help of secret key .

The definition and proofs of proposed key agreement protocol and some of the resolved

attacks shall be provided in Appendix

4. Proposed Mechanism

To provide secure communication between mobile node and fixed node, we propose a Secure Intelligence Algorithm (SIA) for a key agreement protocol based on chaos theory, applied after the misbehavior nodes in the network have been identified. The proposed protocol has three essential tasks: it identifies the misbehavior nodes in promiscuous mode based on the packet drop reason, evaluates the trust of the nodes remaining after promiscuous mode, and authenticates the mobile node and the fixed node. A node is treated as malicious in promiscuous mode if it sends fewer packets than it has received and the number of packets it drops or does not forward is greater than or equal to the threshold value. The authentication process involves registration of mobile nodes and then authentication with fixed nodes. The architecture of the proposed model is represented in figure 3.

Fig 3. Presence of misbehaving nodes in IIM.

In this work, the nodes that communicate have ‘x’ as public information. To provide mutual authentication in IIM, the gateway should first verify whether the mobile node is authentic or a malicious user. The gateway then provides mutual authentication between the mobile node and the fixed node to enhance security in IIM.


4.1 Secure Intelligence Algorithm

In our proposed algorithm we do have three phases namely

• Misbehavior node detection Phase

• Trust Computation Phase

• Mutual Authentication Phase

(i)Misbehavior node detection Phase:

Step 1: Initialize mobile nodes, fixed nodes and gateway.

Step 2: Assign mobile nodes battery power, transmission range and queue length.

Step 3: All the mobile nodes in IIM observe their neighbor nodes promiscuously.

Step 4: Record the behavior of nodes based on packet operations.

Step 5: Each mobile node compares its neighbor nodes' information about the number of packets received and the number of packets transmitted.

Step 6: If the results are equal

    then the nodes are treated as trusted nodes.

    else if the packet dropping is intentional and reaches the threshold value

    then consider the nodes as misbehavior nodes.

Step 7: Broadcast the IP address of the malicious node in the IIM, notifying its misbehavior.

(ii)Trust Computation Phase:

Step 8: Record all the trusted nodes.

Step 9: Compute the complete trust (T) value using hybrid method.

DTm1,m2= W(Rp)*Rp+ W(Rq)*Rq+ W(Re)*Re.

T=(αDTm1,m2+βITm1,m2)/2.

where DTm1,m2 is the direct trust of mobile node m1 in mobile node m2,

ITm1,m2 is the indirect trust of mobile node m1 in mobile node m2,

α and β are constants whose values lie between 0 and 1,

Rp, Rq and Re are route reply, route request and route error respectively, and W is the weight assigned.

Step 10: Consider maximum trust node for data transmission.

(iii)Mutual Authentication Phase:

Let MN be the trusted mobile node, GW be the gateway and FN be the destination fixed node. Assuming that the source MN is trustworthy and the password is shared over a secure channel, we eliminate the false misbehavior nodes that affect the integrity of the data being transferred and minimize internal attacks through the secret key sharing mechanism computed with Chebyshev polynomials.

Step 11: MN selects a secret Prime number as ‘m’ for computing and applies hash

function to the values , and the password by

performing XOR operations on them as = H( ||

) Where are the identities of MN, GW, and FN


that are publicly available. Now it generates the key as =( )

in order to encrypt the hash value, then the obtained cipher text along with

the identities and that is composed as the message m1 and delivered to

GW.

Step 12: GW selects a secret Prime number as ‘g’ for computing and applies hash

function to the values , and the password by

performing XOR operations on them as = H( ||

). Now it generates a secret key for decrypting the cipher text

received from mobile node that reveals The GW compares both the hash

values if they are equivalent then it confirms the mobile nodes registration and

forwards to FN in the message m2.

Step 13: The FN selects a secret prime number ‘f’ in order to compute and

evaluates hash function for the values , and the

password by performing XOR operations on them as = H(

|| ). The secret key is also evaluated as

=( ) for encrypting the hash value as and sends

the message to MN through GW.

Step 14: The MN first calculates the hash value and generates the secret key for

decrypting the cipher text which produces the hash value ,it then

compares the resultant with the value it has calculated . If both the

values are equal then it authenticates with the FN through GW.

The working of mutual authentication phase is given in figure 4.

[Figure 4 diagram: columns Mobile Node, Gateway and Fixed Node. Each party selects a secret prime number (‘m’, ‘g’, ‘f’), computes a hash value and generates a key; the Gateway confirms registration, and the Mobile Node and Fixed Node authenticate.]

Fig 4. Mutual Authentication between mobile node and fixed node through Gateway

As described above, to simplify the issue it is assumed that a node's energy is primarily used for forwarding and receiving data, and the energy used for saving data is ignored. It is also assumed that, at a specific point, the node's initial energy for delivering data is EGinit, and that energy consumption is separated into two parts: data forwarding energy and data receiving energy. Therefore the residual energy EGr of every node, based on the complete packets it has forwarded and received, is given by the equation

EGr = EGinit − EGpkt × PKTt,    (6)


where EGpkt denotes the energy consumed in forwarding or receiving each packet and PKTt denotes the total number of packets that are forwarded or received.

In our work, the buffer capacity that each node is required to share is limited and equal, and is denoted by BFinit. The buffer space of a node decreases whenever it receives a packet m whose size is BFm, and the remaining buffer space increases whenever it drops a packet n whose size is BFn. Overall, the residual buffer BFnew is evaluated with the following equation:

BFnew = BFinit − BFm + BFn.    (7)

Using this equation, the residual buffer space of each node can be updated according to its data exchange.

Table 1. Notations used in this paper.

| Notations | Description |
|---|---|
| GW_ADV | Gateway Advertisement message |
| GW_SOL | Gateway Solicitation message |
| | Chebyshev polynomial |
| h | Hash Function |
| | Secret Key Generation |
| P, C | Plain Text, Cipher Text |
| EGinit | Initial Energy |
| EGr | Residual Energy |
| EGpkt | Consumption Energy for forwarding or receiving for every Packet |
| PKTt | Total Number of Packets that are forwarded or received |
| BFinit | Buffer Capacity |
| BFm | Buffer Receives Packet m |
| BFn | Buffer Drops Packet n |
| BFnew | Residual Buffer |
| MN, GW, FN | Mobile Node, Gateway, Fixed Node |
| m, g, f | Prime Numbers for Mobile Node, Gateway and Fixed Node respectively |
| pw | Password |
| | Encryption Key for Encrypting Hash Value into Cipher Text |
| | Decryption Key for Decrypting Cipher Text into Hash Value |
| SK | Session Key |
| DTm1,m2 | Direct Trust of m1 on m2 mobile nodes |
| ITm1,m2 | Indirect Trust of m1 on m2 mobile nodes |
| T | Complete Trust |
| Rp, Rq, Re | Route Reply, Route Request and Route Error respectively |
| W | Weight assigned |
| α and β | Constants whose values lie between 0 and 1 |


Fig 5. Flowchart of the proposed model.


5. Performance Analysis

Simulator NS 2.34 is used to check the performance of the proposed scenario using the parameters presented in table 2. Under the same network environment, the performance of RSA is also verified and compared with our proposed model. The overhead and session key management time of the proposed technique are examined with respect to key size, in addition to the elimination of the false misbehavior attack in IIM after misbehavior nodes are identified.

Table 2. Simulation parameters of IIM

| Values | Network Parameters |
|---|---|
| 90 s | Simulation Duration |
| 10-40 | Number of Nodes |
| Wireless Channel | Channel |
| 802.11 | MAC |
| Random way point | Mobility Model |
| Reactive | Routing Protocol |
| Random way point | Radio Communication |
| 512 bytes | Packet Size |
| CBR | Traffic |
| 1000m x 1000m | Network Area |

Fig 6. Comparison of Packet Delivery Fraction versus number of nodes.

In the above graph, we analyze the packet delivery fraction of the proposed SIA technique and of the existing approaches as the number of nodes increases from 10 to 40. The results show that the proposed technique has a higher packet delivery fraction than the existing secure knowledge algorithm (SKA) and trusted knowledge algorithm (TKA). In SKA the delivery ratio is very poor and in TKA it is slightly improved, but overall SIA gives an effective packet delivery fraction of more than 95%.

Fig 7. Comparison of Routing Overhead versus number of nodes

The x-axis represents the number of nodes and the y-axis represents the overhead measured in number of packets. Each packet requires extra bytes of format information stored in the packet header, which is combined with the packet and which reduces the overall transmission speed of the raw data. The overhead increases slightly as the number of packets increases in all the examined algorithms, but overall our proposed technique SIA has very little overhead.

Fig 8. Comparison of Throughput versus number of nodes

The above graph measures the throughput of the network. Throughput is a measure of how many packets a node can process in a given amount of time; generally, it is the maximum rate of production or the maximum rate at which something can be processed. The throughput of our proposed technique is also higher than that of the existing secure knowledge algorithm and trusted knowledge algorithm.

6. Conclusion

Our research presents an enhanced, provably secure intelligence algorithm that identifies the actual reason for packet dropping in order to justify that a node is a misbehaviour node, and also provides a mutual authentication protocol for trusted nodes based on chaotic maps in the integration of internet and MANET. Compared with the existing techniques, this algorithm determines whether the node drops the packet intentionally or unintentionally and finds the reason behind packet dropping, which is the basis for misbehaviour node detection. The results are also compared with the existing RSA algorithm with respect to the key generation time used for authentication. The Secure Intelligence Algorithm (SIA) uses less computational overhead than RSA, which is an important factor in IIM since it is a distributed network. The secret key evaluated with the help of chaotic maps cannot be resolved by an attacker within polynomial time. Hence our SIA algorithm is more suitable in the practical environment, which is based on symmetry for mobile nodes in MANETs and transparency at the fixed node in the internet. It is assumed that the nodes in IIM share the password in a secure channel; however, in upcoming methodologies the password sharing method can be based on biometrics, so as to provide effective security to the IIM network.

Appendix

a) False misbehavior attack: a routing attack in which a malicious node sends a false message to the source.

Theorem: Resolving False misbehavior attack

Proof:

Fig 9: False Misbehavior.

In figure 9, node A sends back a misbehavior report even though node B forwarded the packet to C. To overcome this attack, an encrypted acknowledgement is required, which is achieved through our proposed chaos theory.

b) Mutual Authentication: When two nodes properly authenticate one another and at the same time obtain the session key, this is known as mutually authenticated key agreement.

Theorem: The proposed protocol can achieve mutual authentication and key agreement.

Proof:

Consider the following example of the key exchange process between the mobile node and the fixed node in IIM.

The public data is: (x, and (x,

The private data is: m and f

Mobile node Fixed node

Let , m=17(MN private key)

x=

cos(m.

=cos(17*73)

=-0.9455185756

MN sends (x, as public key to FN

Compute

=

=cos(m.

=cos(17*4.999999995)

=0.08715574274

Let f=5(FN private key)

x=

cos(f.

=cos(5*73)

=0.9961946981

FN sends (x, as public key to MN.

Compute

= -0.9455185756)

=cos(f. -0.9455185756))

=cos(5*161)

=0.08715574274.
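The exchange in the proof above can be checked numerically. The following Python sketch is an added example, not code from the paper: it reproduces the printed values with T_n(x) = cos(n·arccos(x)), taking arccos(x) = 73 degrees (inferred from the page's cos(17*73) and cos(5*73)), and then goes beyond the page by evaluating the same polynomials over the integers modulo a prime, where both sides obtain bit-identical keys instead of floats that agree only to rounding error. The function names, the modulus 2^61 − 1 and the modular variant are assumptions.

```python
import math


def cheb_real(n, x):
    """T_n(x) = cos(n * arccos(x)); the cosine form needs x in [-1, 1]."""
    if not -1.0 <= x <= 1.0:
        raise ValueError("x must lie in [-1, 1]")
    return math.cos(n * math.acos(x))


def cheb_mod(n, x, p):
    """T_n(x) mod p from T_k = 2x*T_(k-1) - T_(k-2), with T_0 = 1, T_1 = x.

    Square-and-multiply on the step matrix M = [[2x, -1], [1, 0]], since
    [T_(n+1), T_n] = M^n [T_1, T_0]. Matrices are tuples (a00, a01, a10, a11).
    """
    def mul(a, b):
        return ((a[0] * b[0] + a[1] * b[2]) % p, (a[0] * b[1] + a[1] * b[3]) % p,
                (a[2] * b[0] + a[3] * b[2]) % p, (a[2] * b[1] + a[3] * b[3]) % p)

    result, step = (1, 0, 0, 1), (2 * x % p, -1 % p, 1, 0)
    while n:
        if n & 1:
            result = mul(result, step)
        step = mul(step, step)
        n >>= 1
    return (result[2] * x + result[3]) % p


def real_exchange(m=17, f=5, angle_deg=73.0):
    """Worked example of the proof: (T_m(x), T_f(x), SK at MN, SK at FN)."""
    x = math.cos(math.radians(angle_deg))  # assumption: x = cos(73 degrees)
    pub_mn = cheb_real(m, x)               # MN -> FN
    pub_fn = cheb_real(f, x)               # FN -> MN
    sk_mn = cheb_real(m, pub_fn)           # MN computes T_m(T_f(x))
    sk_fn = cheb_real(f, pub_mn)           # FN computes T_f(T_m(x))
    return pub_mn, pub_fn, sk_mn, sk_fn


def modular_exchange(m, f, x, p):
    """Same exchange with exact integer arithmetic modulo the prime p."""
    pub_mn = cheb_mod(m, x, p)
    pub_fn = cheb_mod(f, x, p)
    return cheb_mod(m, pub_fn, p), cheb_mod(f, pub_mn, p)


if __name__ == "__main__":
    pub_mn, pub_fn, sk_mn, sk_fn = real_exchange()
    print("T_m(x) =", pub_mn, " T_f(x) =", pub_fn)
    print("SK at MN =", sk_mn, " SK at FN =", sk_fn)
    print("floats bit-identical:", sk_mn == sk_fn)
    P = 2**61 - 1                          # constructed sample modulus (prime)
    a, b = modular_exchange(17, 5, 73, P)
    print("modular SK equal:", a == b, a)
```

Because the two floating-point results are only guaranteed to agree up to rounding, an implementation of the real-valued form has to quantise SK before using it as key material; the modular form avoids that step.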

c) Bogus Registration: A bogus registration occurs when a malicious MN performs a fake registration by spoofing an IP address to masquerade as someone else. A bogus registration may cause a wrong mobility binding so that all packets are tunneled to the malicious MN rather than the correct MN. By a bogus registration, the attacker obtains the right to access the internet and can implement further attacks on the internet.

Theorem. The proposed protocol prevents bogus registration.

Proof:

In the proposed system, registration of the MN is done through an authentication process in which the MN uses a secret prime number for authentication. The MN does not share the secret prime number even in a secure channel. So it is impossible for an attacker to masquerade as another MN.

d) Man-in-the-middle attack: The man-in-the-middle attack is an attack where

the attacker secretly relays and possibly alters the communication between two parties

who believe they are directly communicating with each other.

Theorem: The proposed protocol can resist Man-in-the-middle attack.

Proof:

On the one hand, the paper assumes that the password is shared through a secured medium. On the other hand, in our method the mobile nodes, gateway and fixed node effectively validate each other (in fig. 5) in view of these secrets. Thus an intruder has no chance to relay and modify the communication between MN and FN.

e) Known-key security: Protecting the resulting session keys from disclosure even if past session keys are disclosed to intruders is said to be known-key security.

Theorem: The known key security can be proved by our technique.

Proof:

As the session key SK = Tm(Tf(x)) = Tf(Tm(x)) depends on the random prime numbers m and f, and the generation of the key is independent in all phases, an adversary cannot compute the past and the future session keys when the adversary has one session key. Moreover, in the private upgrade stage a session key is used only once, so the protocol has the known-key security property.

f) Black Hole attack: An attack in which a node or router that is supposed to forward the packets instead discards them, leading to a black hole attack.

Theorem: The black hole attack can be mitigated with our proposed method.

Proof:


Our proposed algorithm monitors the neighbor nodes promiscuously and records their behavior regarding packet operations. If it finds that a node is not forwarding the packets further and its packet dropping reaches the threshold, then it identifies the node as performing a black hole attack.
