
TAODV: A Trusted AODV Routing Protocol for MANET

TAODV: A Trusted AODV Routing Protocol for MANET. Li Xiaoqi, GiGi Term Presentation 2004-4-27.


Presentation Transcript


  1. TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi Term Presentation 2004-4-27

  2. Outline • Introduction • Framework of TAODV • Trust model for TAODV • Routing operations in TAODV • Analyses and simulations • Conclusion

  3. Now Comes to: • Introduction • Framework of TAODV • Trust model for TAODV • Routing Operations in TAODV • Analyses and Simulations • Conclusion

  4. Introduction • Mobile Ad Hoc Network (MANET) • No fixed infrastructure • Multi-hop routing by cooperation of nodes in a self-organized way • Nodes have high mobility • Underlying medium is wireless • Frequent link layer errors • Vulnerable to many kinds of attacks

  5. Routing Protocols for MANET • DSR: • The Dynamic Source Routing Protocol • DSDV: • Destination-Sequenced Distance Vector Protocol • AODV: • Ad Hoc On-Demand Distance Vector Protocol • Two main routing messages: • RREQ: Routing REQuest • RREP: Routing REPly

  6. Applications of MANET • Personal area networking • Meeting rooms • Disaster relief • Battlefield operations → High Security Requirements

  7. Previous Security Solutions for MANET • Secure routing protocol • may perform digital signature authentication at each routing message • huge overhead • Key management mechanism • usually needs a super-trusted third party to issue certificates • destroys the self-organization nature of MANET

  8. Previous Security Solutions for MANET (cont’d) • Intrusion detection mechanism • Listen to, collect and analyze all traffic on each node • Huge processing overhead • Our aim is to design a secure routing protocol, called TAODV (Trusted AODV Routing Protocol), without introducing huge overhead or destroying the self-organization nature of MANET

  9. Now Comes to: • Introduction • Framework of TAODV • Trust model for TAODV • Routing Operations in TAODV • Analyses and Simulations • Conclusion

  10. Main Ideas of TAODV • A secure routing protocol for MANET • Use trust relationships among nodes for routing • Employ a trust model derived from subjective logic • Trust calculation is not very time-consuming • Need not sign and verify digital signature at each routing message • Cooperate with a self-organized key management mechanism • such as some threshold solutions • We take AODV for example to illustrate our idea

  11. Four Modules of TAODV • Basic routing protocol (AODV in this work) • Trust model • Defines the algorithms or rules to combine, judge, and update trust information based on subjective logic • Trusted routing protocol • Self-organized key management mechanism • generates a {secret, public} key pair for each node and distributes public keys in a secure, self-organized way • A prerequisite; it is not discussed in this presentation

  12. Module of Trusted Routing Protocol • Include operations of • trust recommendation • trust combination • trust judgement • trust update • signature authentication • trust authentication

  13. Framework of TAODV

  14. Now Comes to: • Introduction • Framework of TAODV • Trust model for TAODV • Routing Operations in TAODV • Analyses and Simulations • Conclusion

  15. Representation of Trust • Use Opinion to represent trust: • A two-dimensional, but three-element metric • -- Probability of node A believing in node B • -- Probability of node A disbelieving in node B • -- Probability of node A’s uncertainty about B • We define that

  16. Combination of Trust • Discounting Combination: • Combine trusts along one path • Combine • Equation: Let

  17. Combination of Trust (cont’d) • Consensus Combination: • Combine trusts from several paths • Combine • Equation: Let

  18. Mapping Between Evidence and Opinion Space • Mapping from evidence space to opinion space: • α is a parameter • it implies the rate of change of b, d, and u • we can adjust it to suit our application • p: positive evidence • n: negative evidence

  19. Mapping Between Evidence and Opinion Space (cont’d) • Mapping from opinion space to evidence space: • We can update trust information from evidence space mapping to opinion space, or vice versa

  20. Now Comes to • Introduction • Framework of TAODV • Trust model for TAODV • Routing Operations in TAODV • Analyses and Simulations • Conclusion

  21. Trust Recommendation • Exchange trust information • Three types of message: • TREQ: Trust REQuest • TREP: Trust REPly • TWARN: Trust WARNing • Broadcast TWARN when a node’s disbelief value is zero

  22. Trust Recommendation (cont’d) • Message Structure • TREQ • TREP

  23. Trust Judgement • Predefined trust judging rules • b – belief • d – disbelief • u – uncertainty • h – threshold, which can be adjusted to meet different security levels (default h=0.5)

  24. Trust Update • Update of Evidences • Successful communication: positive events, p++ • Failed communication: negative events, n++ • Mapping from opinion space • Update of opinion • Combination from different recommendations • Mapping from evidence space

  25. Routing Table Extension • Add three fields into original routing table • Positive events • Negative events • Opinion • New routing table format

  26. Routing Message Extension • Add such fields into original routing messages • Trust information, or • Digital signature information • RREQ → TRREQ • RREP → TRREP • Message structure:

  27. General Process of TAODV • On initialization, each node’s opinion towards others is (0,0,1), which means total uncertainty about other nodes’ trustworthiness. • Nodes perform signature authentication during the initialization period. • After some trust exchanges and data communications, as positive or negative events accumulate, the uncertainty decreases and trust relationships among nodes form. • When the trust relationship in the network has been established, the authentication of nodes will mainly use trust authentication.

  28. Trusted Routing Discovery • S originated a routing request to D • C is the current node • P is C’s precursor, N is the next hop • Suppose threshold=0.5

  29. Routing Process at Current Node • Trust exchange • step1: Authenticate P • step2: Authenticate S • step3: • step4: Authenticate D

  30. Routing Process at Current Node [Flowchart; recoverable labels only: trust exchange for opinions to S, D, P • combine and judge opinion(C,P), opinion(C,S) and opinion(C,D), each with the branches b>0.5, d>0.5, and u>0.5 or b,d,u<=0.5 • signature authentication, "Correct?" • "Have route?" (Y/N) • enqueue • outcomes: Deny, TRREP, Re-TRREQ, Wait for RREQ]

  31. Now Comes to: • Introduction • Framework of TAODV • Trust model for TAODV • Routing operations in TAODV • Analyses and simulations • Conclusion

  32. Performance Analysis • Communication overheads can be sharply reduced by avoiding signature generation and verification at each routing message. • Bandwidth overheads can be largely reduced by replacing 1024/2048-bit signatures with simple trust values.

  33. Security Analysis • If there is no misbehavior, the trust value will keep increasing. • An external malicious node will be denied at once because it cannot provide a valid signature. • We only consider preventing external attacks. • Internal attacks can be eased through certificate renewal.

  34. Simulation Environment • Simulator: ns-2

  35. Selected Simulation Results Throughput of receiving bits VS Average End2End delay (pause time: 10s)

  36. Conclusion • TAODV is a trusted routing protocol which cooperates with a self-organized key management mechanism. • It introduces less computation overhead than previous secure routing protocol solutions and also guarantees a certain security level. • It performs trusted routing in a self-organized way.

  37. Q&A Thank You!
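
Added example (not part of the original presentation): a small model of the trust pipeline from slides 15-19, 23-24 and 27, showing how evidence counts become opinions, how recommendations are combined, and how the h=0.5 threshold decides when a node falls back to signature authentication. The slide equations did not survive in this transcript, so the mapping and the two combination operators below are the standard subjective-logic (Jøsang) forms, used here as an assumption, with the constant 2 in place of the slides' α; the action names returned by `judge` are this example's reading of the slide 30 flowchart labels.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Opinion:
    b: float  # belief
    d: float  # disbelief
    u: float  # uncertainty (b + d + u == 1)

def from_evidence(p: int, n: int) -> Opinion:
    """Map positive/negative event counts to an opinion.
    ASSUMPTION: Josang's constant 2 stands in for the slides' alpha."""
    s = p + n + 2
    return Opinion(p / s, n / s, 2 / s)

def discount(a_b: Opinion, b_c: Opinion) -> Opinion:
    """Discounting: A's opinion of C along the single path A -> B -> C."""
    return Opinion(a_b.b * b_c.b, a_b.b * b_c.d,
                   a_b.d + a_b.u + a_b.b * b_c.u)

def consensus(x: Opinion, y: Opinion) -> Opinion:
    """Consensus: merge opinions about one node obtained over two paths."""
    k = x.u + y.u - x.u * y.u
    if k == 0:
        raise ValueError("undefined when both opinions have u == 0")
    return Opinion((x.b * y.u + y.b * x.u) / k,
                   (x.d * y.u + y.d * x.u) / k,
                   (x.u * y.u) / k)

def judge(o: Opinion, h: float = 0.5) -> str:
    """Threshold rules; action names are this example's reading of slide 30."""
    if o.d > h:
        return "deny"
    if o.b > h:
        return "trust"
    return "signature_authentication"  # u > h, or b, d, u all <= h

def demo() -> dict:
    # Constructed scenario: C rates S through two recommenders, P and Q.
    via_p = discount(from_evidence(8, 0), from_evidence(6, 0))  # P vouches for S
    via_q = discount(from_evidence(3, 0), from_evidence(0, 8))  # Q warns about S
    merged = consensus(via_p, via_q)
    return {
        "initial": judge(from_evidence(0, 0)),  # opinion (0,0,1)
        "after_8_successes": judge(from_evidence(8, 0)),
        "after_6_failures": judge(from_evidence(1, 6)),
        "via_p_only": judge(via_p),
        "conflicting_paths": judge(merged),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

With conflicting recommendations neither belief nor disbelief clears the threshold, so the node falls back to signature authentication instead of trusting or denying on hearsay.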
