International Journal of Computer Science and Applications,
Technomathematics Research Foundation
Vol. 14, No. 2, pp. 142 – 163, 2017
142
SECURE INTELLIGENCE ALGORITHM FOR DATA TRANSMISSION IN
INTEGRATED INTERNET MANET*
C. ATHEEQ †
Research Scholar*,
B. S. Abdur Rahman University*, Vandalur, Chennai, Tamil Nadu 600048*,
M. MUNIR AHAMED RABBANI
Professor,
B. S. Abdur Rahman University, Vandalur, Chennai, Tamil Nadu 600048
Integrating MANET with internet makes MANET a heterogeneous network by increasing the
application area and communication range. The communication is achieved by the gateway which is
used in integration process and helps the mobile nodes in MANET interacting the fixed nodes in
internet or accessing the internet resources. Heterogeneous MANET has dynamic and distributed
nature that opens multiple malware entry points that leads to increase in security risk for Integrated
Internet MANET (IIM). In the recent approaches, communication is provided between mobile nodes
and fixed nodes in IIM based on gateway discovery approaches and trust based approaches with lack
of security. So there is a need for developing effective method for communication by using
cryptographic technique and resolving the attacks on integration. We provide a Secure Intelligence
Algorithm (SIA) for data transmission between mobile node and fixed node in IIM. The proposed
algorithm has three phases. In the first phase, misbehavior nodes in MANETs are identified, in the
second phase trusted nodes are verified and in the third phase, a session key is established between
mobile node and fixed node by mutual authentication process. Performance of the proposed
technique provides effective elimination of misbehavior nodes and lower computational cost in key
agreement process when compared to existing strategies.
Keywords: integration, malicious nodes, promiscuous, intelligence, mutual authentication.
1. Introduction
Mobile Ad hoc Network (MANET) is a temporary, self-organized, wireless network that
consists of homogeneous mobile nodes. These infrastructures-less networks are generally
used in the domain where centralized communication is not instantly available. Every
node in MANET has constraint properties and it could be a host or a router and
* For the title, try not to use more than 3 lines. Typeset the title in 10 pt Times Roman, uppercase and boldface. † Typeset names in 8 pt Times Roman, uppercase. Use the footnote to indicate the present or permanent address
of the author.
Secure Intelligence Algorithm in IIM
143
communication is achieved in a peer to peer fashion by exchanging messages. Mobile
nodes have limited transmission range and can communicate within their region only and
due to dynamic nature of MANETs i.e. any node can enter and leave the network at any
time, thus they should be managed in an effective manner. As MANETs has limited
communication domain where mobile nodes cannot access the internet resources, they do
not provide effective utilization of resources. So in order to have effective resources
utilization, provide user application and share distributed resources; MANETs must be
interconnected to the internet. However this arrangement makes MANET a
heterogeneous network with lack of security [Melaku, H.M. et. al, 2015]. The
architecture of integrated internet MANET is represented in figure 1.
Fig. 1 Architecture of Integration of Internet MANET
The integration provides maximum number of communicating entities to both the
MANET and internet. A mobile node can interact with the internet with the help of
gateways [Jisha, G. et.al, 2016] that acts as bridge between the two different types of
networks. Number of routing methods have been presented by [Sivakumar, T. and
Manoharan, R., 2015, Sumathi, K. et. al, 2015, Abduljalil, F.M. and Bodhe, S.K., 2007,
Ramanarayana, K. and Jacob, L., 2007] to route packets from source to destination. There
are three approaches to identify the gateways namely proactive, reactive and hybrid. In
proactive method, the gateway initiates the registration process for mobile nodes to get
registered by broadcasting the GW_ADV control packets. In reactive method, mobile
nodes in MANETs initiate broadcasting GW_SOL control packets to discover the
gateways. In hybrid method, both proactive and reactive methods are incorporated and
initiations are done by gateway as well as mobile node. In order to route a packet from
one node to another, well known algorithm AODV is modified to use in the routing
process in IIM as the standard AODV is limited to only homogeneous mobile nodes.
However, these approaches do not have appropriate technique to mitigate malicious
nodes from IIM. In order to resolve the issue, we consider the network to enter into the
promiscuous mode where the source node can observe the behavior of all other nodes. A
mobile node may not forward all the packets that it has received and intentionally drop
the packets or not forward them and when this packet dropping level reaches the
threshold value, then the IP address of the mobile node is made known to all other nodes
in the network by broadcasting message indicating its misbehavior activities.
Atheeq. C, M. Munir Ahamed Rabbani
144
A node may drop the packets in two conditions intentionally and unintentionally. A node
is said to be intentional misbehavior node if it first agrees to forward the packets to its
neighbor nodes and fails to do so. The mobile nodes present in MANET which is a
resource constrained network and has limited properties like battery power, buffer space
which leads the mobile node to drop the packet without processing which is unintentional
misbehave. Such kind of mobile nodes with these reasons are not treated as malicious
nodes. Hence it is necessary to verify the reason behind packet dropping and find out the
actual misbehavior nodes.
After the malicious nodes are notified in the network, then for the remaining nodes the
trust value is calculated in order to select the next neighbor node for data transmission.
The node which is having the maximum trust value is considered for data transmission
and this process is carried out for the selected neighbors.
Authenticating mobile node with the fixed node in IIM is an important aspect as there are
number of decentralized entry ways for malicious nodes to enter into the application
domain of MANETs and could misbehave in order to effect the communication between
the end parties. So the end nodes which are mutually authenticated can have a secure way
to exchange the data that can be protected from misbehaving nodes [Tahat, N., 2016].
Except to look at different methodologies and vendors addressing these problems with
policy based methods to security and provisioning, lot of research is done that gives the
proper work on data prevention from misbehaving entities in IIM and the centralized
network are IP dependent, taking into consideration the unauthenticated nodes in
Integrated Internet-MANET for exchanging of data in IIM with the help of gateway is
complex and suffers from poor performance in heterogeneous MANET. This makes us to
develop a mechanism for mutual authentication in IIM by minimizing the security risk
The main focus of our work is to identify and eliminate the misbehavior nodes based on
the intentional packet drop reason and authenticate the trusted mobile node and fixed
nodes in the area of integrating internet with MANET. So a secure intelligence algorithm
is required for authenticating end parties in IIM after eliminating the misbehavior nodes
so that the data transmission can takes place in a secure manner and also reducing the
security risk in IIM by eliminating false misbehaving attack. The misbehavior nodes are
verified whether the node drops the packets intentionally or unintentionally in order to
identify the actual misbehavior node.
The remaining part of this paper is presented as follows. Section 2 deals with the
previous strategies of identifying the misbehavior nodes and authentication process,
Section 3 presents the required preliminaries, Section 4 describes the proposed scenario
in detail. Results are presented in Section 5 and Section 6 concludes the paper.
Secure Intelligence Algorithm in IIM
145
2. Related Work
In the past few decades, [Sivakami, T. and Shanmugavel, S., 2011, Ding, S., 2008] has
proposed the methodology to interconnect the internet with MANET so that the mobile
nodes in MANET can interact with the fixed nodes in the internet by using the gateway
for interconnection purpose. In order to route the packets from mobile node in MANET
to the fixed node in internet, the author has worked out on the best known routing
algorithm Ad hoc On-demand Distance Vector (AODV) routing algorithm because the
standard AODV support routing only between autonomous mobile users. The gateway
discovery approaches presented in this paper are proactive, reactive and hybrid methods.
All these methods are used to find the gateway in order to make registration of mobile
node and allow them to route the packets from mobile nodes to fixed node through
gateway without considering the presence of malicious nodes which also registers with
the gateway and continue in routing of wrong messages or interpreting in the
communication between mobile node and fixed node in IIM. So in our approach, we are
identifying the malicious nodes and then allowing the mobile nodes to register with the
gateway by which we can protect our data from malicious nodes [Rai, A.K. et. al, 2010].
[Thachil, F. and Shet, K.C., 2012] presented a technique to resolve black hole attack
where every node observes its neighbor node by placing a cache that records the
operation performed on packet with respect to its neighbor. The trust value of the
neighbor node is evaluated based on the operation that the neighbor node whether it
further forwards the packets that it has received. The evaluated trust value lies below the
threshold, it considers the node to be malicious but the evaluation of trust value does not
consider the packet dropping reason.
[Rachh, A.V. et. al., 2014] have proposed Enhance Black hole AODV that develops the
parent nodes for identifying misbehaving nodes. When the source node sends RREQ, a
timer is set up and within the expected time, the request message is received and a pseudo
message is transmitted to the destiny and when the acknowledgement is received, source
sends the original message. If the ACK are not received, packets are dropped. In this
paper, the proper method of selecting a head node is not specified moreover delivering of
pseudo packets leads overhead without considering the reason for packet dropping.
Routing protocols proposed by [Rajaram, A. and Palaniswami, S., 2010, Hu, Y.C. et. al,
2003, Castelluccia, C. and Montenegro, G., 2002] focuses to discover a secure path
depending on public key infrastructure in which the third party is responsible for system
dependency. PKI creates more overhead with respect to key management. The protocols
[Kshirsagar, D. and Patil, A., 2013] are responsible for resolving black hole attack
without specifying the cause to drop the packets.
[Siddiqua, A., et al., 2015] proposed a technique for resolving black hole attack. It
observes the packets which are forwarded in promiscuous mode before deciding that a
Atheeq. C, M. Munir Ahamed Rabbani
146
specific node is black hole node to guarantee that the packets are received by its
destination, the algorithm observers the node for identifying the reason behind packet
dropping, and maintaining a trustworthy node turning into a black hole node. But to
provide more effectiveness of the secure communication, authenticating the end parties is
considered in order to resolve false reporting attack.
[Zeba Naaz, et al., 2017] proposed a mechanism to authenticate the mobile node with the
fixed node using chebyshev polynomials. In this paper the composition property is used
in generation of the secret key at mobile node as well as fixed node for authentication
purpose. The outcome of the mechanism is compared with the existing RSA
cryptographic technique in terms of time for generating the secret key. The proposed
model has low computational cost when compared to RSA but the node misbehavior
factors are not considered as mobile node are dynamic in nature and the reason is not
justified for dropping the packets.
In all the above mentioned strategies, the individuals lack with a unique incorporated
mechanism that provides an effective method for communication in IIM by minimizing
the attacks as misbehavior nodes and authenticate the trusted mobile node and the fixed
node so that the data they are sharing can be protected from the misbehaving third parties.
So we provide the incorporated mechanism that has all these aspects and provide better
communication by reducing the computational cost in the cryptographic phase used.
3. Preliminaries
In MANETs, nodes may drop the packets intentionally and unintentionally. The factors
that leads to unintentional packet dropping are limited energy, limited queue length and
transmission range.
3.1 Energy:
The energy of all the nodes in the MANETs is constrained particularly for the mobile
devices besides their behavior like, discovering the neighbors and exchanging of
information will devour energy. The nodes energy is once depleted, it doesn't have the
capacity in its buffer to forward the packets [Chan, H.F. and Rudolph, H., 2015]. If large
number of nodes energy is getting down in the network, this degrades the performance of
IIM leading to unreliable services in IIM. In this manner, the nodes with lower energy
values should be taken care to increase and effective utilization of energy.
3.2 Buffer:
The mobile nodes are composed with finite buffer space for packet operations with store
and forward principle. If sufficient nodes buffers are considered, then it results in good
performance with respect to high delivery rate and short delivery delay. However, in an
experimental case, though the buffer space of mobile nodes recently is more, the buffer
space required to share is very limited [Kobbane, A. et.al, 2013]. If the shared buffer
Secure Intelligence Algorithm in IIM
147
space of the mobile devices is full, the node will neither discard the packet in this buffer
nor receive packets any more in order to provide room for the newly arrived nodes at the
same time more number of data forwarding opportunities will be wasted, which
obviously will decrease the networks performance. Then again, if the node gets new ones,
it should discard the packets in this buffer space, which will likewise diminish the
delivery quality. So, from the perspective of experimentally, the buffer space is
additionally an essential element that ought to be completely considered.
3.3 Trust:
The need of selecting a trusted mobile node in MANET for secure data transmission in
the field of integrating internet with MANET is an important aspect as there are multiple
malware entry points in MANETs due to its openness. So, trust methodology is required
in this environment in which mobile nodes should select the trustworthy neighbor nodes
besides optimal one for its communication.
3.4 Chaotic maps:
With the quick change of chaos theory related to cryptography [Hussain, I. et. al, 2012,
Hussain, I. et. al, 2013, Khan, M. 2013, Ozkaynak, F. and Yavuz, S., 2013], vast measure
of key management protocols that utilizes chaotic maps are studied greatly. The protocols
which uses chaos concept are focused in three types based on the quantity of the nodes:
two-tier key agreement scheme, three-tire key agreement scheme and multi-tier key
agreement scheme for authentication [Xie, Q. et. al., 2013]. Enhancement of proficiency
with new secure properties is seen in scholarly works. Starting late, the key agreement
method for authentication in view of secret key for three-level engineering using
particular exponentiation or scalar growth on an elliptic curve is tended to extensively
[Gong, P. et. al, 2012, Niu, Y. and Wang, X., 2011, Xue, K. and Hong, P., 2012, Yoon,
E.J., 2012, Tan, Z., 2013, Lee, C.C. and Hsu, C.W., 2013, Guo, C. and Chang, C.C.,
2013]. Regardless, these arrangements require considerable estimation weights and the
investigation is still exist on key management conspire for authentication on three-level
architecture.
Our work intends to fulfill defensive communication with security target i.e.
authentication as it is the best way to deal with trustworthiness and false misbehaving in
data transmission from mobile node to fixed node. Chebyshev polynomial uses its
composition property [Lee, C.C. et.al., 2013, Lai, H. et. al., 2014, Wu, S. et. al., 2013,
Xie, Q et. al., 2013, Zhu, H., 2015, Zhen, P. et. al., 2014] that shows the concept of two
element key management thought which allows the granting elements for exchanging
open keys by means of a channel that is not protected and generates a common secret key
between them. Strategies in [Yoon, E.J. and Jeon, I.S., 2011, Lai, H. et. al., 2012, Zhao,
F. et. al, 2013] presents the authentication process based on Chebyshev polynomial's for
key agreement yet they negotiate that exchanging of private information is by means of
some secured medium anyway it is compelled to MANET. In this manner it motivates us
to go with another procedure to give key management for mutual authentication in IIM.
Atheeq. C, M. Munir Ahamed Rabbani
148
3.5 Defining Chebyshev Polynomials:
Let us assume that n be an integer and x be a variable in the intervals [-1, 1]. The
Chebyshev polynomial :[-1,1] → [-1,1] can be defined as = cos(n
(x)). Under the current relationship for the degree of n, Chebyshev polynomial map :
R→R presented by Lee, C.C. et al., 2013 is given in eq. no. 1:
, (1)
Where n2 , 1, and x .
Some of the first few Chebyshev polynomials are given as:
… … … …
The Semi group property of Chebyshev polynomials which is obtained by fulfilling the
eq. no. 2 as
(2)
A quick result of this property is that Chebyshev polynomials drive under Composition in
eq. no 3.
(3)
For enhancing protection, [Cai, Z. et al., 2015] proposed the semi-group idea that impact
Chebyshev polynomials given in interim [-∞,+∞] . Enhanced Chebyshev chaotic maps
are used in designed method as in eq. no 4:
(4)
Where n2 , x(,) , and N is a large prime number. Obviously their relation is
represented in eq. no. 5,
(5)
Definition 1: Semi-group property of Chebyshev polynomials:
Definition 2: The Chaos Map Based Discrete Logarithmic Problem (CMBDLP) is
defined as Ts(x)=y by considering the arguments x and y as it is difficult to discover the
whole numbers.
Secure Intelligence Algorithm in IIM
149
Definition 3: The Chaos Map Based Diffie-Hellman Problem (CMBDHP) is so called
because it is difficult to evaluate =y by considering x, & .
In the recent approaches, the polynomial used in the cryptosystems leads to minimal
utilization of time for generation of the secret key that is being shared by the end
parties of authentication.
Fig. 2. Comparison of RSA, ECC, HASH, Symmetric Algorithm and Chaotic map
based algorithm.
Comparison between RSA, ECC [Gharib M, et al., 2017], HASH, Symmetric
Algorithm & chaotic maps based key generation are shown in figure 2. It demonstrates
that chaotic map based technique provides less computational overhead in comparison
with RSA and ECC. As we increase the key size, the time taken to generate the key also
increases and in the above figure, for the key size of 1024 bits, RSA consumes 0.080058
sec and the same size key when generated using chaotic maps consumes 0.002699 sec. So
our proposed protocols takes less time for generating key compared to RSA
3.6 One-way Hash function
Hash Function h:a→b properties in cryptosystem are as follows:
1. The h function acknowledges the information substance of subjective size as
information and produces the information content process of non-variable size
as yield
2. The h function is uni-directional as given a ,which is easy to ascertain h ab .
All things considered, given b , which is tuff to calculate ;
3. Consider a and its figuring is not practical to evaluate a ' with the ultimate
objective that a' a ,but ha'ha;
Evaluations are not attainable to yield the combination of a ,a' with the ultimate objective
that a' a ,but ha'ha
3.7 Symmetric key algorithm
The phases that are involved in Symmetric key algorithm are as follows and the flow
chart is represented in figure 3.
Atheeq. C, M. Munir Ahamed Rabbani
150
1. Generation of secret key
2. Encryption of the plain text (P) with the help of in order to generate the
cipher text (C)
3. Decryption of cipher text (C) with the help of secret key .
The definition and proofs of proposed key agreement protocol and some of the resolved
attacks shall be provided in Appendix
4. Proposed Mechanism
In order to provide secure communication between mobile node and fixed node, we are
proposing a Secure Intelligence Algorithm (SIA) for key agreement protocol based on
chaos theory after identifying the misbehavior nodes in the network. The proposed
protocol has three essential tasks to do. First identifying the misbehavior nodes in
promiscuous mode based on packet drop reason, evaluates the trust of nodes reframed
from promiscuous mode and authenticates mobile node and fixed node. A node is treated
as malicious node in promiscuous mode if it sends the packets less than the packets it has
received and drops or not forwarding the packets more than or equal to threshold value.
Authentication process involves registration of mobile nodes and then provides
authenticating with fixed nodes. The architecture of the proposed model is represented in
figure 3.
Fig 3. Presence of misbehaving nodes in IIM.
In this work, the nodes that undergo communication has ‘x’ as the public
information. In order to provide mutual authentication in IIM, the gateway should first
authenticate whether the mobile node is authentic or a malicious user. Later gateway
provide mutual authentication between mobile node and the fixed node to enhance the
security in IIM.
Secure Intelligence Algorithm in IIM
151
4.1 Secure Intelligence Algorithm
In our proposed algorithm we do have three phases namely
• Misbehavior node detection Phase
• Trust Computation Phase
• Mutual Authentication Phase
(i)Misbehavior node detection Phase:
Step 1: Initialize mobile nodes, fixed nodes and gateway.
Step 2: Assign mobile nodes battery power, transmission range and queue length.
Step 3: All the mobile nodes in IIM observe their neighbor nodes promiscuously.
Step 4: Records the behavior of nodes based on packet operation.
Step 5: Mobile nodes compares the neighbor nodes information about the number of
packets it has received and it has transmitted.
Step 6: If the results are equal
then the nodes are treated as trusted nodes.
else if the packet dropping is intentional and reaches the threshold value
then consider the nodes as misbehavior nodes
Step 7: Broadcast the IP address of malicious node in the IIM notifying its misbehavior.
(ii)Trust Computation Phase:
Step 8: Record all the trusted nodes.
Step 9: Compute the complete trust (T) value using hybrid method.
DTm1,m2= W(Rp)*Rp+ W(Rq)*Rq+ W(Re)*Re.
T=(αDTm1,m2+βITm1,m2)/2.
Where DT m1,m2 is direct trust of m1 on m2 mobile nodes,
ITm1,m2 is indirect trust of m1 on m2 mobile nodes,
α and β are constants whose values lies between 0 and 1,
Rp, Rq, Re are route reply, route request and route error respectively and W is the
weight assigned.
Step 10: Consider maximum trust node for data transmission.
(iii)Mutual Authentication Phase:
Let MN be the trusted mobile node, GW be the gateway and FN be the destination fixed
node. Assuming that the source MN is trustworthy and the password is being shared in a
secure channel, we are eliminating the false misbehavior nodes that effect the integrity of
data being transferred and minimizing the internal attacks through the secret key sharing
mechanism that is computed by chebyshev polynomials.
Step 11: MN selects a secret Prime number as ‘m’ for computing and applies hash
function to the values , and the password by
performing XOR operations on them as = H( ||
) Where are the identities of MN, GW, and FN
Atheeq. C, M. Munir Ahamed Rabbani
152
that are publicly available. Now it generates the key as =( )
in order to encrypt the hash value, then the obtained cipher text along with
the identities and that is composed as the message m1 and delivered to
GW.
Step 12: GW selects a secret Prime number as ‘g’ for computing and applies hash
function to the values , and the password by
performing XOR operations on them as = H( ||
). Now it generates a secret key for decrypting the cipher text
received from mobile node that reveals The GW compares both the has
values if they are equivalent then it confirms the mobile nodes registration and
forwards to FN in the message m2.
Step 13: .The FN selects a secret prime number ‘f’ in order to computes and
evaluates hash function for the values , and the
password by performing XOR operations on them as = H(
|| ). The secret key is also evaluated as
=( ) for encrypting the hash value as and sends
the message to MN through GW.
Step 14: The MN first calculates the hash value and generates the secret key for
decrypting the cipher text which produces the hash value ,it then
compares the resultant with the value it has calculated . If both the
values are equal then it authenticates with the FN through GW.
The working of mutual authentication phase is given in figure 4.
Select a secret prime no. ‘m’
and compute: ,
= H( || )
Generate
=( )
Mobile Node Gateway Fixed Node
Secure Intelligence Algorithm in IIM
153
Select a secret prime no.
‘g’ and compute:
=H( ||
Generate
=( )
If (
Confirmation Registration
Select a secret prime no.
‘f’and compute:
=H( ||
Generate
=( )
Compute
= H( || )
Generate:
=( )
If )
Authenticate Authenticate
Fig 4. Mutual Authentication between mobile node and fixed node through Gateway
As described above, in order to simplify the issue, the nodes energy is primarily utilized
for forwarding and receiving data is assumed, and on saving of data the energy utilized is
ignored. Then, at a specific point, it is also assumed that the nodes initial energy for
delivering data is EGinit, and consumption of energy is separated in two parts, first one is
data forwarding energy, and the second one is data receiving energy. Therefore the
residual energy EGr of every node based on complete packets it has forwarded and
received is given by the equation
EGr = EGinit – EGpkt* PKT𝑡, (6)
Atheeq. C, M. Munir Ahamed Rabbani
154
where EGpkt denotes the consumption energy for forwarding or receiving for every packet
and PKTt denotes total number of packets that are forwarded or received.
In our work, the buffer capacity required by each node to share is limited and equal,
which is denoted by BFinit. The buffer space of a node is decreased whenever it receives
the packet m whose size is BFm and whenever it drops a packet n whose size is BFn, the
remaining buffer space will be increased. In an overall, the residual buffer BFnew is
evaluated with the following equation:
BFnew = BFinit − BF𝑚+ BF𝑛. (7)
Using this equation, the residual buffer space of each node can be updated according to
its data exchange.
Table 1. Notations used in this paper.
Notations Description
GW_ADV Gateway Advertisement message
GW_SOL Gateway Solicitation message
Chebyshev polynomial
h Hash Function
Secret Key Generation
P, C Plain Text, Cipher Text
EGinit Initial Energy
EGr Residual Energy
EGpkt Consumption Energy for forwarding or receiving for every Packet.
PKTt Total Number of Packets that is forwarded or received.
BFinit Buffer Capacity
BFm Buffer Receives Packet m
BFn Buffer Drops Packet n
BFnew Residual Buffer
MN, GW, FN Mobile Node, Gateway, Fixed Node
m, g, f Prime Numbers for Mobile Node, Gateway and Fixed Node respectively
pw Password
Encryption Key for Encrypting Hash Value into Cipher Text.
Decryption Key for Decrypting Cipher Text into Hash Value.
SK Session Key
DT m1,m2 Direct Trust of m1 on m2 mobile nodes
ITm1,m2 Indirect Trust of m1 on m2 mobile nodes
T Complete Trust
Rp, Rq, Re Route Reply, Route Request and Route Error respectively
W Weight assigned
α and β Constants whose values lies between 0 and 1
Secure Intelligence Algorithm in IIM
155
Fig 5. Flowchart of the proposed model.
Atheeq. C, M. Munir Ahamed Rabbani
156
5. Performance Analysis
Simulator NS 2.34 is used to check the performance of proposed scenario by using the
parameters presented in table 2. Under same network environment, the performance of
RSA is also verified and compared with our proposed model. The overhead and session
key management time of proposed technique with respect to key size besides eliminating
the false misbehavior attack in IIM after identifying misbehavior nodes.
Table 2.Simulation parameters of IIM
Values Network Parameters
90 s Simulation Duration
10-40 Number of Nodes
Wireless Channel Channel
802.11 MAC
Random way point Mobility Model
Reactive Routing Protocol
Random way point Radio Communication
512 bytes Packet Size
CBR Traffic
1000m x1000m Network Area
Fig 6. Comparison of Packet Delivery Fraction versus number of nodes.
In the above graph, we have analyzed the packet delivery fraction in SIA proposed
technique and the existing approaches by increasing number of nodes from 10 to 40. The
results show that the proposed technique has more delivery fraction of packets compared
to the existing secure knowledge algorithms and trusted knowledge algorithm. In SKA,
Secure Intelligence Algorithm in IIM
157
the delivery ratio is very poor and in TKA it is little improved but overall SIA give
effective packet delivery fraction more than 95%.
Fig 7. Comparison of Routing Overhead versus number of nodes
The x-axis represents the number of nodes and the y-axis represents the overhead
measured in terms of number of packets. Each packet requires extra bytes of format
information that is stored in the packet header, which is combined with the packets and
that results in minimizing the overall transmission speed of the raw data. The overhead
increases as the number of packets increases slightly in all the examined algorithms but in
over all, our proposed technique SIA has very less overhead.
Fig 8. Comparison of Throughput versus number of nodes
In the above graph we are measuring the throughput of the network. Throughput is a
measure of how many packets a node can process in a given amount of time. The
throughput of our proposed technique is also more when compared to the existing secure
Atheeq. C, M. Munir Ahamed Rabbani
158
knowledge algorithm and trusted knowledge algorithm. Generally, it is the maximum rate
of production or the maximum rate at which something can be processed.
6. Conclusion
Our research figures out an enhanced provably secure intelligence algorithm that
identifies the actual reason for packet dropping in order to justify that a node is
misbehaviour node and also provide mutual authentication protocol for trusted nodes
based on chaotic maps in the integration of internet and MANET. From the existing
techniques, this algorithms figures whether the node drops the packet intentionally or
unintentionally and find out the reason behind packet dropping which the base for
misbehaviour node detection. The results are also compared with the existing RSA
algorithm with respect to key generation time used for authentication purpose. The
Secure Intelligence Algorithm (SIA) uses less computational overhead compared to RSA
which is an important considerable factor in IIM since it is a distributed network. The
secrete key evaluated with the help of Chaotic maps could not be resolved by attacker
within polynomial time. Hence our SIA algorithm is more suitable in the practical
environment which is based on symmetry for mobile nodes in MANETs and
transparency at fixed node in internet.it is assumed that the nodes in IIM share the
password in a secure channel, however in upcoming methodologies the password sharing
method can be based on biometric, so as to provide effective security to IIM network.
Appendix
a) False misbehavior attack : It is one such attack in routing, in which malicious
node sends false message to source
Theorem: Resolving False misbehavior attack
Proof:
Fig 9: False Misbehavior.
In figure 9, node A sends back a misbehavior report even node B forwarded the packet to
Secure Intelligence Algorithm in IIM
159
C. To overcome this attack encrypted acknowledgement is required which is achieved
through our proposed chaos theory.
b) Mutual Authentication: If two nodes authenticate with one another properly
and at the same time gaining the session key is known as Mutually authenticated key
agreement
Theorem: The proposed protocol can achieve mutual authentication and key agreement.
Proof:
Let us consider an example of Key exchange process between the mobile node and fixed
node in IIM is as follows
The public data is: (x, and (x,
The private data is: m and f
Mobile node Fixed node
Let , m=17(MN private key)
x=
cos(m.
=cos(17*73)
=-0.9455185756
MN sends (x, as public key to FN
Compute
=
=cos(m.
=cos(17*4.999999995)
=0.08715574274
Let f=5(FN private key)
x=
cos(f.
=cos(5*73)
=0.9961946981
FN sends (x, as public key to MN.
Compute
= -0.9455185756)
=cos(f. -0.9455185756))
=cos(5*161)
=0.08715574274.
c) Bogus Registration: If a malicious MN performs a fake registration by
spoofing an IP address to masquerade itself as someone else then bogus registration
occurs. A bogus registration may cause a wrong mobility binding so that all packets are
tunneled to malicious MN rather than correct MN. By a bogus registration, the attacker
obtains the right to access the internet and can implement further attacks on internet.
Theorem. The proposed protocol prevents from bogus registration.
Proof:
In proposed system registration of MN is done through authentication process in which
MN uses secret prime number for authentication purpose. The MN does not share the
Atheeq. C, M. Munir Ahamed Rabbani
160
secret prime number even in secure channel. So it is impossible for an attacker to
masquerade itself with other MN.
d) Man-in-the-middle attack: The man-in-the-middle attack is an attack where
the attacker secretly relays and possibly alters the communication between two parties
who believe they are directly communicating with each other.
Theorem: The proposed protocol can resist Man-in-the-middle attack.
Proof:
The paper on one side assumes all that the password is shared through secured medium.
On the opposite side, our method has effectively validated (in fig. 5) each other among
mobile nodes, gateway and fixed node in view of these secrets. Thus intruder has no
chance to relay and modify the communication between MN and FN.
e) Known-key security: The process of shielding the resulting session keys from
uncovering regardless of the possibility that the past session keys are uncovered by the
intenders is said to be Known-key security.
Theorem: The known key security can be proved by our technique.
Proof:
As the session key SK =Tm(Tf(x))= Tf(Tm (x)) is relied on upon the irregular prime
numbers m & f , & the era of key is autonomous in all phases, an enemy can't process the
past and the future session keys when the enemy has one session key. What's more, in the
private upgrade stage and only once session key is utilized, so it has known key security
trait.
f) Black Hole attack: An attack in which the node or a router is supposed to
forward the packets instead it discards them lading to black hole attack.
Theorem: The black hole attack can be mitigated with our proposed method.
Proof:
Secure Intelligence Algorithm in IIM
161
Our proposed algorithm monitors the neighbor nodes promiscuously and records its
behavior regarding packet operations. If it finds that the node is not further forwarding
the packets and its packet dropping reaches the threshold the it notices the node to be a
black hole attack.
References
Abduljalil, F.M. and Bodhe, S.K., 2007. A survey of integrating IP mobility protocols and mobile
ad hoc networks. IEEE Communications Surveys & Tutorials, 9(1), pp.14-30.
Cai, Z., et al., 2015. A Chebyshev-Map Based One-Way Authentication and Key Agreement
Scheme for Multi-Server Environment. International Journal of Security and Its
Applications, 9(6), pp.147-156.
Castelluccia, C. and Montenegro, G., 2002. Protecting AODV against Impersonation attacks. ACM
SIGMOBILE Mobile Computing and Communications Review, 6(3), pp.108-109.
Chan, H.F. and Rudolph, H., 2015, November. New energy efficient routing algorithm for Wireless
Sensor Network. In TENCON 2015-2015 IEEE Region 10 Conference (pp. 1-5). IEEE
Ding, S., 2008. A survey on integrating MANETs with the Internet: Challenges and
designs. Computer Communications, 31(14), pp.3537-3551.
Gharib M, et al., 2017 Feb 11. Fully distributed ECC-based key management for mobile ad hoc
networks. Computer Networks.113:269-83.
Gong, P., Li, P. and Shi, W., 2012. A secure chaotic maps-based key agreement protocol without
using smart cards. Nonlinear Dynamics, 70(4), pp.2401-2406.
Guo, C. and Chang, C.C., 2013. Chaotic maps-based password-authenticated key agreement using
smart cards. Communications in Nonlinear Science and Numerical Simulation, 18(6), pp.1433-
1440.
Hu, Y.C., Johnson, D.B. and Perrig, A., 2003. SEAD: Secure efficient distance vector routing for
mobile wireless ad hoc networks. Ad hoc networks, 1(1), pp.175-192.
Hussain, I., Shah, T. and Gondal, M.A., 2012. A novel approach for designing substitution-boxes
based on nonlinear chaotic algorithm. Nonlinear Dynamics, 70(3), pp.1791-1794.
Hussain, I., et al., 2013. An efficient approach for the construction of LFT S-boxes using chaotic
logistic map. Nonlinear Dynamics, 71(1-2), pp.133-140.
Jisha, G., Samuel, P. and Paul, V., 2016. Role of Gateways in MANET Integration
Scenarios. Indian Journal of Science and Technology, 9(3).
Khan, M., et al., 2013. An efficient method for the construction of block cipher with multi-chaotic
systems. Nonlinear Dynamics, 71(3), pp.489-492.
Kobbane, A., Ben-Othman, J. and El Koutbi, M., 2013, June. Packet dropping for real-time
applications in wireless networks. In Communications (ICC), 2013 IEEE International
Conference on (pp. 2949-2953). IEEE.
Kshirsagar, D. and Patil, A., 2013, July. Blackhole attack detection and prevention by real time
monitoring. In Computing, Communications and Networking Technologies (ICCCNT), 2013
Fourth International Conference on (pp. 1-5). IEEE.
Lai, H., et al., 2014. Provably secure three-party key agreement protocol using Chebyshev chaotic
maps in the standard model. Nonlinear Dynamics, 77(4), pp.1427-1439.
Lai, H., et al., 2012. Applying semigroup property of enhanced Chebyshev polynomials to
anonymous authentication protocol. Mathematical Problems in Engineering, 2012.
Lee, C.C. and Hsu, C.W., 2013. A secure biometric-based remote user authentication with key
agreement scheme using extended chaotic maps. Nonlinear Dynamics, 71(1-2), pp.201-211.
Atheeq. C, M. Munir Ahamed Rabbani
162
Lee, C.C., Li, C.T. and Hsu, C.W., 2013. A three-party password-based authenticated key exchange
protocol with user anonymity using extended chaotic maps. Nonlinear Dynamics, 73(1-2),
pp.125-132.
Melaku, H.M., Woldegebreal, D.H. and Raimond, K., 2015. Investigating the effects of security
attacks on the performance of TCP variants and routing protocols in MANET. International
Journal of Computer Applications in Technology, 51(3), pp.235-246.
Niu, Y. and Wang, X., 2011. An anonymous key agreement protocol based on chaotic
maps. Communications in Nonlinear Science and Numerical Simulation, 16(4), pp.1986-1992.
Ozkaynak, F. and Yavuz, S., 2013. Designing chaotic S-boxes based on time-delay chaotic
system. Nonlinear Dynamics, 74(3), pp.551-557.
Rachh, A.V., Shukla, Y.V. and Rohit, T.R., 2014. A Novel Approach for Detection of Blackhole
Attacks. IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN, pp.2278-0661.
Rai, A.K., Tewari, R.R. and Upadhyay, S.K., 2010. Different types of attacks on integrated
MANET-Internet communication. International Journal of Computer Science and
Security, 4(3), pp.265-274.
Rajaram, A. and Palaniswami, S., 2010. Malicious node detection system for mobile ad hoc
networks. International Journal of Computer Science and Information Technologies, 1(2),
pp.77-85.
Ramanarayana, K. and Jacob, L., 2007, July. Secure routing in integrated mobile ad hoc network
(MANET)-Internet. In Security, Privacy and Trust in Pervasive and Ubiquitous Computing,
2007. SECPerU 2007. Third International Workshop on (pp. 19-24). IEEE.
Siddiqua, A., Sridevi, K. and Mohammed, A.A.K., 2015, January. Preventing black hole attacks in
MANETs using secure knowledge algorithm. In Signal Processing And Communication
Engineering Systems (SPACES), 2015 International Conference on (pp. 421-425). IEEE.
Sivakami, T. and Shanmugavel, S., 2011, December. An overview of mobility management and
integration methods for heterogeneous networks. In 2011 Third International Conference on
Advanced Computing (pp. 41-45). IEEE.
Sivakumar, T. and Manoharan, R., 2015. OPRM: an efficient hybrid routing protocol for sparse
VANETs. International Journal of Computer Applications in Technology, 51(2), pp.97-104.
Sumathi, K., et al., 2015. An investigation on the impact of weather modelling on various MANET
routing protocols. Indian Journal of Science and Technology, 8(15).
Tahat, N., 2016. Convertible multi-authenticated encryption scheme with verification based on
elliptic curve discrete logarithm problem. International Journal of Computer Applications in
Technology, 54(3), pp.229-235.
Tan, Z., 2013. A chaotic maps-based authenticated key agreement protocol with strong
anonymity. Nonlinear Dynamics, 72(1-2), pp.311-320.
Thachil, F. and Shet, K.C., 2012, September. A trust based approach for AODV protocol to
mitigate black hole attack in MANET. In Computing Sciences (ICCS), 2012 International
Conference on (pp. 281-285). IEEE.
Wu, S., et al., 2013. Cryptanalysis and enhancements of efficient three-party password-based key
exchange scheme. International Journal of Communication Systems, 26(5), pp.674-686.
Xie, Q., Zhao, J. and Yu, X., 2013. Chaotic maps-based three-party password-authenticated key
agreement scheme. Nonlinear Dynamics, 74(4), pp.1021-1027.
Xue, K. and Hong, P., 2012. Security improvement on an anonymous key agreement protocol
based on chaotic maps. Communications in Nonlinear Science and Numerical
Simulation, 17(7), pp.2969-2977.
Yoon, E.J., 2012. Efficiency and security problems of anonymous key agreement protocol based on
chaotic maps. Communications in Nonlinear Science and Numerical Simulation, 17(7),
pp.2735-2740.
Secure Intelligence Algorithm in IIM
163
Yoon, E.J. and Jeon, I.S., 2011. An efficient and secure Diffie–Hellman key agreement protocol
based on Chebyshev chaotic map. Communications in Nonlinear Science and Numerical
Simulation, 16(6), pp.2383-2389.
Zeba Naaz, Kauser Fatima, Atheeq C., 2017. Performance Based Comparison Study of RSA and
Chaotic Maps in MANET. SSRG International Journal of Electrical and Electronics
Engineering (SSRG - IJEEE), V4(2).
Zhao, F., et al., 2013. Cryptanalysis and improvement of a three-party key agreement protocol
using enhanced Chebyshev polynomials. Nonlinear Dynamics, 74(1-2), pp.419-427.
Zhen, P., et al., 2014. Key agreement protocol based on extended chaotic maps with anonymous
authentication.
Zhu, H., 2015. Flexible and Password-Authenticated Key Agreement Scheme Based on Chaotic
Maps for Multiple Servers to Server Architecture. Wireless Personal Communications, 82(3),
pp.1697-1718.