ABSTRACT
This research is aimed at the development of an enhanced Trust Management Scheme (eTMS) for secured routing in opportunistic networks (oppnets). Opportunistic routing allows communication to be set up between nodes even without infrastructure in a delay tolerant fashion. Oppnet has become more pertinent now with the proliferation of autonomous mobile devices. However, malicious devices pose potential security threats (packet dropping, denial of service (DoS) attack, black hole attack, identification (ID) spoofing, etc.) to the performance of oppnets. This is due to the inherent characteristics of such networks like ever changing network topology and lack of a definite communication path between nodes amongst others. These characteristics created the issue of a lack of end-to-end connectivity thus making it extremely difficult to establish authentication between the source node and the destination node. In this work, the eTMS is developed by optimally determining, through simulations, the trust threshold value that decides the success probability of building behaviour trust in the standard trust management scheme (TMS) reported in literature. This is implemented in the proposed new variant of the probabilistic routing protocol for intermittently connected mobile ad-hoc network (PRoPICMAN), called the improved PRoPICMAN (iPRoPICMAN), that considered a multi-hop scenario. Simulation was carried out using the Opportunistic Network Environment (ONE) simulator using the benchmark Helsinki simulation area. The iPRoPICMAN when compared with the PRoPICMAN (without any TMS) increased the delivery probability from 0.2806 to 0.4156 (by 48%), increased the delay from 4613s to 5717s (by 23%) and reduced the overhead ratio from 68 to 46 (by 32%). This implied that iPRoPICMAN improved the performance of the oppnet compared with the PRoPICMAN but at the expense of delay. The iPRoPICMAN with the TMS (with threshold value set at 0.6) when compared with the iPRoPICMAN increased the delivery probability from 0.4156 to 0.4976 (19%), increased the delay from 5717s to 6713s (17%) and reduced the overhead ratio from 46 to 38 (17%). The iPRoPICMAN with eTMS (with optimal threshold value of 0.73) is shown to improve the delivery probability by 2% (0.4976 to 0.5065) and reduced the delay by 2% (6713s to 6607s) when compared with the iPRoPICMAN with TMS while maintaining a similar overhead ratio. Comparison between the iPRoPICMAN with TMS and the iPRoPICMAN with eTMS using delivery probability, delay and overhead ratio showed that the eTMS outperformed the TMS by 2% (0.5102 to 0.5221), 10% (2736s to 2464s) and 7% (135 to 126), respectively when run on the developed novel oppnet simulation area called the Ahmadu Bello University (ABU) simulation area. These results indicate that securing a routing protocol through trust-based methods improved the oppnet performance but sometimes with a trade-off in delay and that the threshold value is critical to the performance of such methods (as some values can result in zero network performance).
TABLE OF CONTENTS
DECLARATION ii
CERTIFICATION iii
DEDICATION iv
ACKNOWLEDGEMENT v
ABSTRACT vii
TABLE OF CONTENTS viii
LIST OF FIGURES xi
LIST OF TABLES xiv
LIST OF APPENDICES xv
LIST OF ABBREVIATIONS xvii
CHAPTER ONE: INTRODUCTION 1
1.1 Background 1
1.2 Significance of the Research 6
1.3 Problem Statement 6
1.4 Scope of the Research 7
1.5 Aim and Objectives 7
1.6 Methodology 8
1.7 Thesis Organization 10
CHAPTER TWO: LITERATURE REVIEW 11
2.1 Introduction 11
2.2 Review of Fundamental Concepts 11
2.2.1 Delay tolerant networks 11
2.2.2 Concept of the opportunistic networks 13
2.2.3 Opportunistic network node definition 16
2.2.4 Seed and expanded opportunistic networks 17
2.2.5 Opportunistic Networks and Mobile Ad-hoc Network (MANETs) 20
2.2.6 Routing in opportunistic network 20
2.2.7 Security issues in oppnets 30
2.2.8 Attacks in opportunistic network 31
2.2.9 Security/privacy solution in oppnets 34
ix
2.2.10 Trust management 35
2.2.11 Trust management scheme based on behavior feedback for oppnets 40
2.2.12 Evaluating the performance of DTN routing protocols 51
2.2.13 ONE simulator 53
2.2.14 Performance metrics 55
2.2.15 Helsinki simulation area 55
2.2.16: Ahmadu Bello University (Main Campus) Zaria 57
2.3 Review of Similar Works 58
CHAPTER THREE: MATERIALS AND METHODS 73
3.1 Introduction 73
3.2 Materials 73
3.3 Setting of the Simulation Environment 73
3.4 Modeling the Simulation Environment 77
3.5 Replication of the of PRoPICMAN 82
3.6 Development of the Improved PRoPICMAN (iPRoPICMAN) 87
3.7 Replication of the TMS 91
3.8 Development of the eTMS 95
3.8.1 Selection of the optimum trust threshold value 95
3.9 Running Simulations of TMS and eTMS. 97
3.10 Modeling the ABU Network Simulation Area. 101
3.11 Running Simulations on the ABU Simulation Area. 105
CHAPTER FOUR: RESULTS AND DISCUSSION 108
4.1 Introduction 108
4.2 Result of the PRoPICMAN 108
4.3 Results of the iPRoPICMAN 110
4.4 Comparison of the PRoPICMAN with the iPRoPICMAN 111
4.5 Results of the iPRoPICMAN with TMS 113
4.6 Results of the eTMS 117
4.7 Comparison between the iPRoPICMAN with TMS and iPRoPICMAN with eTMS 121
4.8 Results of the iPRoPICMAN with TMS on the ABU Simulation Area 124
x
4.9 Results of the iPRoPICMAN with eTMS on the ABU Simulation Area 125
4.10 Comparison between the TMS and the eTMS on ABU Simulation Area 129
CHAPTER FIVE: SUMMARY, CONCLUSIONS AND RECOMMENDATIONS 132
5.1 Summary 132
5.2 Conclusions 132
5.3 Contribution to Knowledge 134
5.5 Recommendations for Future Work 135
REFERENCES
CHAPTER ONE
INTRODUCTION
1.1 Background
A delay or disruption tolerant network (DTN) is a type of network that provides communication through mobile nodes in an unstable and stressed environment. The network will normally be subjected to frequent and long lasting disconnections, high end-to-end path latency, limited resources (power, bandwidth etc.) and may comprise of more than one divergent set of protocols (Chen et al., 2011; Fall & Farrell, 2008). DTN finds application in mobile, wireless and terrestrial environments. Typical DTNs include mobile ad-hoc networks (MANET), vehicular ad-hoc networks (VANET), sensor networks (like the acoustic underwater networks), inter-planetary networks (IPN) and opportunistic networks (oppnets) amongst others. The oppnet is an autonomous connection of users that communicate over relatively bandwidth-constrained wireless networks with or without infrastructure. According to Kaur & Kaur (2009) and Verma & Srivastava (2012), oppnet has the following basic features:
1) wirelessly connected nodes that are fixed or mobile (a node is an electronic device that is attached to a network and is capable of sending, receiving or forwarding information over communication channel).
2) A complete path between two nodes aspiring to communicate does not exist.
3) It does not have a fixed communication range.
4) Its routes are dynamically built as any node can opportunistically be used as next hop provided it is likely to bring the message closer to the final destination.
5) Network topology is also flexible as it can change at any time.
2
With recent advances in their routing technology, application of oppnets is gaining grounds in the following areas (Dinakar, et al., 2013):
1) Tactical networks (like in military operations)
2) Emergency services (rescue operations, disaster recovery and hospital).
3) Education (campus networks, e-learning, virtual classrooms, etc.).
4) Network coverage extension so as to:
a) provide backup in case of normal network failure,
b) provide link for portable or temporary workstations,
c) overcome situations where normal cabling is difficult or financially impractical, and
d) connect remotely mobile users or networks
Since a complete path between two nodes aspiring to communicate does not exist, there is the problem of lack of end-to-end connectivity in an oppnet, which makes it impossible to make direct initial authentication from a source node to a destination node. The absence of the initial authentication makes malicious devices join the oppnet causing different forms of security threats.
A number of routing protocols exist in oppnets including amongst others (Vahdat & Becker 2000; Lindgren et al., 2003; Keranen & Ott, 2009; Verma & Srivastava, 2012; Lin et al., 2008; Islam & Waldvogel 2011; Asgari et al., 2013; Hu et al., 2013):
1) Epidemic 2) Probabilistic Routing Protocol using History of Encounters and Transitivity (PRoPHET)
3) Spray-and-Wait
3
4) MaxProp
5) Direct delivery
6) Integrated routing protocol
7) Coding in Opportunistic Routing (CodeOR) 8) History Based Routing Protocol for Opportunistic Networks (HIBOp)
9) Practical Opportunistic Routing (POR)
10) Probabilistic Routing Protocol for Intermittently Connected Mobile Ad-hoc Network (PRoPICMAN)
These protocols are mostly used in order to increase forwarding probability and reduce transmission delay with little or no consideration for security. As such, malicious devices readily join the oppnet due to its aforementioned nature. These malicious devices receive and drop packets at will, masquerade themselves and hijack or tamper with messages meant for other nodes, exaggerate the trust value of other malicious devices or lower the trust value of a trusted node, etc. These behaviors could lead to loss of packets, increase in delay of message transmission, breach of privacy, compromising data confidentiality and integrity, and eventually, decrease in performance of the network evident from a decrease in delivery probability (Barai & Bhaumik, 2016). As such, security consideration is a critical issue in oppnet routing protocol.
Various mechanisms have been used to address security issues in oppnets, classified as trust-based and privacy-based protocols. The trust-based protocols are further divided into friend-vector based, familiarity-based, reputation based and hybrid-trust based (Barai & Bhaumik, 2016). On the other hand, the privacy-based protocols are divided into cryptography-based and cryptography-free as depicted in Figure 1.1 (Barai & Bhaumik, 2016).
4
Familiarity-based Trust
Trust-based
Protocols
Friend Vectorbased
Trust
Reputationbased
Trust Hybrid Trust
Privacy-based
Protocols
Cryptographybased
Cryptographyfree
Security
Mechanism
Figure 1.1: Taxonomy of Security Mechanisms in Oppnets (Barai & Bhaumik, 2016)
Another classification for the trust-based protocol has three types: social trust, environmental
trust and similarity trust as depicted in Figure 1.2 (Trifunovic & Legendre, 2009). This
classification presented the security mechanism as trust-based and cryptography-based.
Security Mechanism in Oppnet
Cryptograghy-based
Social Trust
Trust-based
Environmental Trust Similarity Trust
Figure 1.2: Security Mechanisms in Oppnets (Trifunovic & Legendre, 2009)
Due to the characteristics of oppnets (lack of end-to-end connectivity, unstable structure,
etc.), cryptography-based schemes are unsuitable because nodes depend mainly on the next
hop in order to forward data. This informed the need for a security mechanism which would
ensure that the intermediate nodes do not behave maliciously. Cryptography-based
algorithms are also not well realizable in oppnets because they require very complex and
computationally intensive operations in order to obtain the required level of protection. Most
devices in oppnets are made to be portable and energy efficient and as such even have less
5
powerful hardware than those contained in conventional personal computers (PCs) (Xi et al., 2015; Trifunovic & Legendre, 2009; Barai & Bhaumik, 2016; Ciobanu et al., 2016). In view of these, the trust-based schemes are the preferred security mechanisms for oppnets.
The trust management schemes (TMS) are dependent of the computation of trust values (which represent the trustworthiness of a node in the network). The establishment of trust can validate a nodes’ legitimacy and resist malicious nodes more effectively in oppnets. However, the efficiency of the trust algorithms depends on what basic framework is followed in calculating the trust in oppnets (Xi et al., 2015; Trifunovic & Legendre, 2009; Barai & Bhaumik, 2016). The determination of the trust threshold values for the various schemes reported in literature (Xi et al., 2015; Yao et al., 2016; Trifunovic & Legendre, 2009, etc.) have mostly been assumed, thereby creating some degrees of vagueness.
The determination of an optimal thrust value for the TMS leading to the development of the enhanced TMS (eTMS) using the trust model of Xi et al., (2015) is one of the key focus areas of this research. This is because an optimal threshold value is expected to guarantee an increase in network performance in oppnets. An experimental approach is adopted in determining the optimal trust value from a series of values obtained from several experiments. Simulations of the TMS and the proposed eTMS, implemented on the PRoPICMAN and its improved version called the improved PRoPICMAN (iPRoPICMAN) that considers a multi-hop scenario, are then carried out using the opportunistic network environment (ONE) simulator on the benchmark Helsinki simulation area and the Ahmadu Bello University (ABU) (main campus) simulation area. The ABU simulation area is proposed using ONE as a novel simulation area for oppnet research.
6
1.2 Significance of the Research
Oppnets, due to their flexibility and ease of deployment, are fast gaining ground as networks of choice in emergency services, military operations, network expansion, etc., especially in difficult environments. However, because there is no guaranteed end-to-end connectivity, the possibility of oppnets being joined by malicious nodes, thereby threatening the confidentiality and integrity of data, is a critical one and a limiting factor to their widespread use. The TMS is one of the most preferred schemes for addressing security challenges in the oppnets and their effectiveness is largely dependent of their trust threshold value. This work, is therefore, focused on developing an eTMS in which the trust threshold value is optimally determined via simulation. The eTMS is expected to improve network security and performance in terms of delivery probability and overhead but with a likely trade-off in delay when implemented with the iPRoPICMAN.
1.3 Problem Statement
In oppnets, there is no initial authentication due to the problem of lack of contemporaneous end-to-end connectivity. Lack of end-to-end connectivity implies absence of feedback, which is a critical element of any authentication process. As a result of the absence of initial authentication, malicious devices can join the oppnet and impede the performance and integrity of the network. As such, there is no guaranteed confidentiality or integrity of data in the oppnet. There is therefore the need to device mechanisms to enhance the security of oppnets and invariably improve service delivery. One of the most preferred mechanisms is the TMS but its performance is highly dependent on the trust threshold value. This work focuses on developing an enhanced TMS (eTMS) that utilizes an optimal trust threshold
7
value that is implemented on the proposed new variant of the PRoPICMAN called the iPRoPICMAN and this is expected to show improvement in the security of the oppnet through improved delivery probability and reduced delays. The TMS and eTMS were simulated in ONE using the benchmark Helsinki simulation area and the novel ABU simulation area.
1.4 Scope of the Research
This research deals with security issues specifically in oppnets and not with all categories of DTNs. TMS is the security solution adopted in this research because it had been proven to perform well for oppnets. The routing protocol used is the PRoPICMAN in order to create basis for comparison with the conventional TMS.
1.5 Aim and Objectives
The aim of this research is the development of an enhanced trust management scheme (eTMS) for secured routing in oppnets.
The objectives are as follows:
1) Development of a new variant of the PRoPICMAN called the iPRoPICMAN that considers a multi-hop scenario.
2) Development of the eTMS that uses the trust threshold value which determines the success probability of building behaviour trust in the TMS model of Xi et al., (2015).
3) Simulation and comparison of the performance of the TMS and eTMS on the iPRoPICMAN using the ONE simulator on the benchmark Helsinki simulation area
8
using delivery probability, delays and overhead ratio as performance evaluation metrics.
4) Modeling the Ahmadu Bello University (ABU) main campus as a novel oppnet simulation area called the ABU simulation area using the ONE simulator.
5) Simulation and comparison of the performance of the TMS and eTMS on the iPRoPICMAN using the ONE simulator on the ABU simulation area using delivery probability, delays and overhead ratio as performance evaluation metrics.
1.6 Methodology
The steps of the methodology carried out to achieve the stated objectives include:
1) Setting of the simulation environment using the following steps:
a) Downloading and installing the java development kit (jdk) and java runtime environment (jre).
b) Setting the java path
c) Downloading and installing an integrated development environment (IDE).
d) Downloading and installing the ONE simulator
e) Interfacing the ONE simulator with the IDE
2) Modeling the simulation environment using the following:
a) Defining the types of nodes (pedestrians, car, trams, etc.)
b) Defining the characteristic of nodes (speed, transmission range, event generation interval, buffer space).
c) Defining the simulation area
3) Replication of the of PRoPICMAN using the following:
9
a) Building nodes’ profile using set of evidence pair
b) Hashing the evidences
c) Development of header for each node
d) Building the two-hop forwarding strategy
4) Development of the new variant of PRoPICMAN using the following:
a) Building nodes’ profile using set of evidence pair
b) Hashing the evidences
c) Development of header for each node
d) Building the multi-hop forwarding strategy
5) Replication of the TMS using the following:
a) Obtaining nodes’ profile information for development of certificate
b) Development of the successor selection algorithm
c) Development of the message selection algorithm
d) Development of the VFP propagation algorithm
6) Development of the eTMS using the following:
a) Obtaining nodes’ profile information for development of certificate
b) Selection of optimum trust threshold value
c) Development of the successor selection algorithm
d) Development of the message selection algorithm
e) Development of the VFP propagation algorithm
7) Running simulations of the following:
a) TMS using the iPRoPICMAN (multi-hop) on Helsinki simulation area
b) eTMS using the iPRoPICMAN on Helsinki simulation area
10
c) Comparison between the TMS and the eTMS using delivery probability, delay and overhead ratio as the metrics
8) Modeling the ABU network simulation area using:
a) Defining the types of nodes (pedestrians, car, etc.)
b) Defining the characteristic of nodes (speed, transmission range, buffer space)
c) Defining the simulation area
d) Extracting line map from the map obtained.
e) Importing the line map into the ONE simulator
9) Running simulations of the following:
a) TMS using the iPRoPICMAN on ABU simulation area
b) eTMS using the iPRoPICMAN on ABU simulation area
c) Comparison between the TMS and the eTMS using delivery probability, delay and overhead ratio as the metrics.
1.7 Thesis Organization
This thesis is divided into Five Chapters. The general introduction has been presented in Chapter One. This include the significance and scope of the study, statement of the problem, thesis aim and objectives as well as the methodology adopted for the thesis. Chapter Two presents the detailed review of fundamental concept of oppnets, security in oppnet, ONE simulator and a review of similar research works. Chapter three presents the materials and methods for modeling of the scenario, configuration, installation as well as simulations. Result and discussions are presented in Chapter Four. Summary, conclusions and recommendations are discussed in Chapter Five.
11
Do you need help? Talk to us right now: (+234) 08060082010, 08107932631 (Call/WhatsApp). Email: [email protected].
IF YOU CAN'T FIND YOUR TOPIC, CLICK HERE TO HIRE A WRITER»
