260 likes | 451 Vues
New Approach for Selfish Nodes Detection in Mobile Ad hoc Networks Djamel Djenouri: Basic Software Laboratory, CERIST Center of Research, Algiers, Algeria. Email: ddjenouri@mail.cerist.dz Nadjib Badache: Computer Science Department, USTHB University, Algiers, Algeria.
E N D
New Approach for Selfish Nodes Detection in Mobile Ad hoc Networks Djamel Djenouri: Basic Software Laboratory, CERIST Center of Research, Algiers, Algeria. Email: ddjenouri@mail.cerist.dz Nadjib Badache: Computer Science Department, USTHB University, Algiers, Algeria. Email: badache@mail.cerist.dz SeCQos Workshop, Athens, September 2005
Outline 1 Overview on Mobile Ad hoc Networks (MANETs) 2 Selfish behavior on packet forwarding problem 3 Watchdog 4 Watchdog’s limitation 5 New Solution 6 Simulation results 7 Perspectives 8Conclusion SeCQos Workshop, Athens, September 2005
MANET Overview (Definition) • A MANET is a collection of Wireless mobile hosts making on the fly a temporary network, without relying on any fixed infrastructure. • No central administration exists • Mobile hosts cooperate to ensure roles ensured by the fixed infrastructure in traditional networks SeCQos Workshop, Athens, September 2005
MANET Overview (Multi-Hop) SeCQos Workshop, Athens, September 2005
MANET’s features • Dynamic Topology • Limited bandwidth • Limited physical Security • Infrastructurless • Limited energy resources SeCQos Workshop, Athens, September 2005
Selfish behavior SeCQos Workshop, Athens, September 2005
Watchdog •Proposed by Marti et al. In MobiCom 2000 • Many recent sophisticated solutions rely on it in their monitoring component SeCQos Workshop, Athens, September 2005
Watchdog’s principles • Based on the promiscuous mode monitoring and implemented with a source routing protocol. • When a node Na sends a packet to Nb to forward to Nc, it monitors it by simply overhearing the channel, it validates the forwarding iff it overhears the packet retransmitted by Nb. • This process is generated for each couple of hops in the route SeCQos Workshop, Athens, September 2005
Watchdog If packet heard OK Else increase Nc’s failure Tally failure Tally > threshold the node misbehave SeCQos Workshop, Athens, September 2005
Watchdog’s detection drawbacks • Does not detect correctly and could cause false detections when the power control technique is employed • Does not detect selfish nodes in many cases (collisions, partial dropping, collusions) SeCQos Workshop, Athens, September 2005
New solution (Two-hop ACK) • We propose a new monitoring solution based on two-hop ACK. • Assume A monitors B’s forwarding to C, this latter acknowledges each packet by sending a two hop ACK back to A via B. • An efficient asymmetric encryption strategy is used to ensure authenticity of ACKs and to prevent the following vulnerability: SeCQos Workshop, Athens, September 2005
New solution (hop ACK) • B misbehaves and drops packets, to circumvent A it sends it a falsified ACK on behalf of C. • The encryption strategy we used gets over this vulnerability and, • it is relatively of low cost, since it merely encrypts short random numbers, instead of compute digital signature on the packets. SeCQos Workshop, Athens, September 2005
New solution (hop ACK) - Decrypts r - - Checks whether it matches the one it generates - If so, it validates the forwarding • - Generates r • Encrypts it with C’s PK • Adds it to the packet • Decrypts r • Encrypts it with A’s PK • Adds it to a 2 hop ACK packet SeCQos Workshop, Athens, September 2005
Simulation results SeCQos Workshop, Athens, September 2005
Two-hop ACKs Problem • The obvious problem of our first solution is the important overhead it engenders, even if the nodes well behave. It requires a two-hop ACK for each data packet, which is costly. SeCQos Workshop, Athens, September 2005
Perspectives We plan to complete the proposal by • Reduce the overhead • Defining efficiently the threshold of accusasion • Defining actions that have to be taken when a node is accused as a selfish • and particulary by proposing a mechanism allowing nodes to exchange their knowledge regarding nodes that behave selfishly. SeCQos Workshop, Athens, September 2005
Random two-hop ACK • To overcome the two-hop cost, we suggest that A would not continuously ask an ACK, but randomlydecides whether to do so with a probability p, and maps the decision in the packet. • This randomization and mapping prevent B from deducing which packet includes an ACK request, and let it motivated to forward all packets SeCQos Workshop, Athens, September 2005
Random two-hop ACK • P is updated according to B’s behavior, it is decreased each time B forward a packet until reaching its minimum value, and set to 1 upon a dropping detection. • This way, more trust is accorded to well-behaving nodes and ACK ask is enforced after a dropping, which ensure the efficiency and decreases the cost especially when selfish nodes rate is low, as shown in the simulation results SeCQos Workshop, Athens, September 2005
Conclusion • Our solution is operational regardless the power control employment • It reduces the false detection rate with low cost (energy and delay) • The random two-hop ACK reduces dramatically the overhead SeCQos Workshop, Athens, September 2005
? SeCQos Workshop, Athens, September 2005