Mobile Ad Hoc Network Security (MANET)
Preethi Vishwanath
San Jose State University, Computer Science
Definition
• A "mobile ad hoc network" (MANET) is an autonomous system of mobile routers (and associated hosts) connected by wireless links --the union of which form an arbitrary graph.
• The routers are free to move randomly and organize themselves arbitrarily; thus, the network's wireless topology may change rapidly and unpredictably.
• Such a network may operate in a standalone fashion, or may be connected to the larger Internet.
• Sensor nodes consist of sensing, data processing, and communication components and typically form ad hoc networks.
• Due to a lack of infrastructure support, each node acts as a router, forwarding data packets for other nodes.
• Nodes can be classified into two types:
  • Servers: Contain the complete DBMS and bear primary responsibility for data broadcast and satisfying client queries.
  • Clients: Have sufficient resources to cache portions of the database as well as to store some DBMS query and processing modules.
• Practical use: Whenever a temporary network with no infrastructure is needed.
  • Rescue situations: Rescue workers engaged in disaster relief investigate the extent of the damage around them and work collaboratively by sharing information on their locations and findings.
  • Excavations: Members of a research project team engaged in an archeological excavation collect various phenomenal data from sensors and share the obtained data with other members to streamline work.
Criteria for a node to be part of a network
• To be connected to a network, a node must be within the area of influence of at least one node on the network.
• A node with no remaining power, or one that is off, is not currently a part of the network.
• Even if the source and the destination nodes are not within each other's communication range, data packets are forwarded to the destination by relaying transmission through other nodes that exist between the two nodes.
Large Scale On Demand Model: RxW (Request times Wait)
• At each broadcast tick, the server chooses an item to broadcast based on the number of requests and the amount of time the original request has been waiting.
• The overhead for large databases is significant in both time and space.
• Improvements
  • Approach 1 (Guo et al.)
    • Server maintains a list of popular or less popular items.
    • The popular items are continuously broadcast.
    • If a less popular item is needed, a client may request it.
    • This interrupts the broadcast, which continues with the data broadcast after serving the request.
    • The server never stops broadcasting, consuming power.
  • Approach 2 (Yajima et al. and Grassi)
    • Improve database service by the organization and use of the broadcast.
    • Highly correlated items are found together in the broadcast, minimizing the number of times a client must access the broadcast.
    • Uses prefetching of related items into the client cache so that they will be available locally if needed.
    • While prefetching may shorten the time a client needs to access a data item, prefetching wastes power and space through accessing and storing broadcast items that may not be needed.
Algorithm 1 to handle data push and data pull: Adaptive broadcast scheduling algorithm
• Two potential ways to construct a broadcast.
  • New items may be either added to the algorithm or may replace less important data items.
• A global network where all servers in a region know the location and power of all other servers in the region and full replication of the database is assumed.
• Periodically, each server broadcasts its location and power level. This begins the broadcast cycle [9]. This is a soft real-time system.
• There are deadlines for data delivery. The deadlines were used to determine which data request to service, although no penalty for missing a deadline was mentioned.
• There is a leader protocol that selects the server in a region with the greatest remaining power.
• The leader coordinates the broadcast responsibilities of other servers in its area of influence.
• The lead server determines which portion of a broadcast each server transmits.
• The power level of each server drives this broadcast assignment.
• The server with the least power transmitted the most important data items.
Disadvantage
• The initial algorithm has a potentially large communication overhead; servers with no clients still broadcast.
• Less popular items may starve or be broadcast too late.
Algorithm 2 to handle data push and data pull
• Utilizes a popularity factor (PF).
• The PF is a measure of the importance of a data item.
• The PF increases each time a request is made for a data item. The amount of time since the request was made also affects the PF.
• If it has been too long, the need to broadcast the item may be gone.
• This factor is called the Resident Latency (RL) and is system and scenario specific. The PF decreases whenever a request exceeds the RL value.
• The PF is used to assist in the building of relevant broadcasts and includes RL in order to make allowances for the movement of nodes.
• When the PF of broadcast items is high, the probability of a broadcast that serves maximum needs increases.
• If a server has not received any requests for a certain number of broadcasts, it will sleep rather than broadcast to an empty audience.
• Finally, to localize data delivery, the lead server assigns each server the amount of data to broadcast but not the items to broadcast.
• To deal with insufficient power levels, the servers rebroadcast the previous index and broadcast if they have insufficient power to build a new broadcast.
Disadvantages
• Servers can be assigned a broadcast larger than their power levels would permit.
• Power and bandwidth are also wasted through duplication.
Data replication: Data correlation
• MANETs are often constructed to support cooperative work in environments without network infrastructures.
• Data replication might cause a situation whereby a node requests two correlated data items at the same time although it can access only one of them.
• If this situation occurs frequently, the data accessibility of the whole system deteriorates.
• In a real environment, the correlation among data items can usually be known by recording the access log at each node and periodically estimating it.
• Three replica allocation methods (proposed by [1])
  • SAF (Static Access Frequency): Only the access frequency to each data item is taken into account.
  • DAFN (Dynamic Access Frequency and Neighborhood): The access frequency to each data item and the neighborhood among nodes are taken into account.
  • DCG (Dynamic Connectivity based Grouping): The access frequency to each data item and the whole network topology are taken into account.
SAF method
• Each mobile host allocates replicas of N data items in descending order of the access frequencies.
• At the time of replica allocation, a mobile host may not be connected to another mobile host which has an original or a replica of a data item that the host should allocate. In this case, the memory space for the replica is kept free.
• The replica is created when a data access to the data item succeeds or when the mobile host connects to another mobile host which has the original or the replica at a relocation period.
• In the SAF method, mobile hosts do not need to exchange information with each other for replica allocation.
• Moreover, replica relocation does not occur after each mobile host allocates all necessary replicas.
• Advantage
  • Allocates replicas with low overhead and low traffic.
• Disadvantage
  • Since each mobile host allocates replicas based only on the access frequencies to data items, mobile hosts with the same access characteristics allocate the same replicas.
  • However, a mobile host can access data items or replicas held by other connected mobile hosts, and thus it is more effective to share many kinds of replicas among them.
  • Gives low data accessibility when many mobile hosts have the same or similar access characteristics.
DAFN method
• The DAFN method eliminates the replica duplication among neighboring mobile hosts.
• First, this method preliminarily determines the replica allocation in the same way as the SAF method.
• Then, if there is replica duplication of a data item between two neighboring mobile hosts, the mobile host with the lower access frequency to the data item changes the replica to another replica.
• Since the neighboring status changes as mobile hosts move, the DAFN method is executed at every relocation period.
• At a relocation period, a mobile host may not be connected to another mobile host which has an original or a replica of a data item that the host should allocate.
  • In this case, the memory space for the replica is temporarily filled with one of the replicas that have been allocated since the previous relocation period but are not currently selected for allocation.
  • This temporarily allocated replica is chosen among the possible replicas as the one whose access frequency is the highest.
  • If there is no possible replica to be temporarily allocated, the memory space is kept free.
  • When a data access to the data item whose replica should be allocated succeeds, the memory space is filled with the proper replica.
• Advantage
  • Data accessibility is expected to be higher than that in the SAF method.
• Disadvantage
  • Does not completely eliminate replica duplication among neighboring hosts because it only executes the elimination process by scanning the network once based on the breadth first search.
  • If the network topology changes during the execution of this method, the replica relocation cannot be done at mobile hosts over disconnected links.
  • Both the overhead and the traffic are higher than in the SAF method because at each relocation period, mobile hosts exchange information and relocate replicas.
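The SAF and DAFN slides above, worked through as an added example (not code from the slides or from [1]). It assumes a constructed three-host line topology, two replica slots per host and integer access frequencies, and it ignores which host holds each original; the names saf, dafn and duplicates are hypothetical.

```python
from collections import deque

def saf(freq, slots):
    """SAF: each host keeps the `slots` items it accesses most often."""
    return {h: sorted(f, key=f.get, reverse=True)[:slots] for h, f in freq.items()}

def dafn(freq, links, slots, start):
    """DAFN: SAF first, then one BFS pass over the links. For each item held at
    both ends of a link, the host with the lower access frequency swaps it for
    its most-accessed item that neither end holds."""
    alloc = saf(freq, slots)
    adj = {h: set() for h in freq}
    for a, b in links:
        adj[a].add(b)
        adj[b].add(a)
    seen, done, queue = {start}, set(), deque([start])
    while queue:
        h = queue.popleft()
        for n in sorted(adj[h]):
            if frozenset((h, n)) not in done:        # each link is scanned once
                done.add(frozenset((h, n)))
                for item in [i for i in alloc[h] if i in alloc[n]]:
                    loser = h if freq[h][item] < freq[n][item] else n
                    held = set(alloc[h]) | set(alloc[n])
                    spare = [i for i in freq[loser] if i not in held]
                    if spare:
                        best = max(spare, key=freq[loser].get)
                        alloc[loser][alloc[loser].index(item)] = best
            if n not in seen:
                seen.add(n)
                queue.append(n)
    return alloc

def duplicates(alloc, links):
    """Items replicated on both ends of a link, as (host, host, item)."""
    return [(a, b, i) for a, b in links for i in alloc[a] if i in alloc[b]]

# Constructed sample: three hosts in a line with similar access frequencies.
FREQ = {
    "M1": {"D1": 50, "D2": 40, "D3": 30, "D4": 20, "D5": 10},
    "M2": {"D1": 45, "D2": 35, "D3": 32, "D4": 25, "D5": 10},
    "M3": {"D1": 40, "D2": 10, "D3": 45, "D4": 30, "D5": 15},
}
LINKS = [("M1", "M2"), ("M2", "M3")]

if __name__ == "__main__":
    for name, alloc in (("SAF", saf(FREQ, 2)), ("DAFN", dafn(FREQ, LINKS, 2, "M1"))):
        print(name, alloc, duplicates(alloc, LINKS))
```

On this sample SAF leaves three duplicated replicas across the two links; DAFN reduces that to one, and the one that remains (D2 on M1 and M2) is reintroduced after the M1-M2 link has already been scanned, which is the single-pass limitation listed under Disadvantage.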
DCG method
• The DCG method shares replicas in larger groups of mobile hosts than the DAFN method, which shares replicas among neighboring hosts.
• In order to share replicas effectively, each group should be stable, i.e., the group is not easily divided due to changes of network topology.
• From this viewpoint, the DCG method creates groups of mobile hosts that are biconnected components [1] in a network. Here, a biconnected component denotes a maximal subgraph which remains connected (is not divided) if an arbitrary node in the graph is deleted.
• By grouping mobile hosts as a biconnected component, the group is not divided even if one mobile host disappears from the network or one link is disconnected in the group, and thus it is considered that the group has high stability.
• At a relocation period, a mobile host may not be connected to another mobile host which has an original or a replica of a data item that the host should allocate.
• In this case, in the same way as the DAFN method, the memory space for the replica is temporarily filled with another replica, and it is filled with the proper one when a data access to the corresponding data item succeeds.
• Advantage
  • Since many kinds of replicas can be shared, the data accessibility is expected to be higher.
• Disadvantage
  • However, since the DCG method consists of three steps: (i) broadcasting host identifiers, (ii) determining the replica allocation, and (iii) notifying it to all hosts in the group, this method takes the longest time among the three methods to relocate replicas.
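The grouping step of the DCG slide above, as an added example (not code from the slides or from [1]): it finds biconnected components with Tarjan's edge-stack DFS and checks that a group stays connected when any one host fails. The seven-host topology is constructed, and the function names are hypothetical.

```python
def biconnected_components(links):
    """Tarjan's DFS with an edge stack; returns a list of host sets."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    disc, low, stack, comps = {}, {}, [], []

    def dfs(u, parent):
        disc[u] = low[u] = len(disc)            # discovery index of u
        for v in sorted(adj[u]):
            if v not in disc:                   # tree edge
                stack.append((u, v))
                dfs(v, u)
                low[u] = min(low[u], low[v])
                if low[v] >= disc[u]:           # u separates v's subtree
                    comp, e = set(), None
                    while e != (u, v):
                        e = stack.pop()
                        comp.update(e)
                    comps.append(comp)
            elif v != parent and disc[v] < disc[u]:   # back edge to an ancestor
                stack.append((u, v))
                low[u] = min(low[u], disc[v])

    for node in sorted(adj):
        if node not in disc:
            dfs(node, None)
    return comps

def stays_connected(group, links, failed):
    """True if `group` without the failed host is still one connected piece."""
    alive = set(group) - {failed}
    start = min(alive)
    seen, todo = {start}, [start]
    while todo:
        u = todo.pop()
        for a, b in links:
            for x, y in ((a, b), (b, a)):
                if x == u and y in alive and y not in seen:
                    seen.add(y)
                    todo.append(y)
    return seen == alive

# Constructed topology: a triangle and a square joined by the single link M3-M4.
LINKS = [("M1", "M2"), ("M2", "M3"), ("M1", "M3"), ("M3", "M4"),
         ("M4", "M5"), ("M5", "M6"), ("M6", "M7"), ("M4", "M7")]

if __name__ == "__main__":
    for g in biconnected_components(LINKS):
        print(sorted(g), all(stays_connected(g, LINKS, f) for f in g))
```

The triangle and the square each survive the loss of any one member, while the network as a whole splits if M3 fails, so replicas shared only across the M3-M4 link are the ones at risk.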
Access to Global State Information [10]
Update diffusion
• Sensed changes cause updates to be propagated to a database, which is typically replicated over a number of nodes.
• Entire state information is stored in the database.
• Applications access an available database copy for state retrieval.
• Disadvantages
  • Danger of inconsistencies.
  • Paper [10] derives a few algorithms which help in taking care of this problem.
Query diffusion
• State information is only stored in the nodes where it has been sensed.
• For state retrieval, an application broadcasts or geocasts a query specifying the requested state information.
• State information matching the query is sent back to the application.
• Disadvantages
  • For partitioned networks, the availability of state information is poor since each state item is stored on a single node only.
  • Applications need to learn about state changes as fast as possible.
References
• [1] T. Hara, "Effective replica allocation in ad hoc networks for improving data accessibility," Proc. IEEE Infocom 2001, pp.1568-1576, 2001.
• [2] T. Hara, "Replica allocation methods in ad hoc networks with data update," ACM-Kluwer Journal on Mobile Networks and Applications, Vol.8, No.4, pp.343-354, 2003.
• [3] T. Hara and S.K. Madria, "Dynamic data replication schemes for mobile ad-hoc network based on aperiodic updates," Proc. Int'l Conf. on Database Systems for Advanced Applications (DASFAA 2004), pp.869-881, 2004.
• [4] T. Hara, N. Murakami, and S. Nishio, "Replica Allocation for Correlated Data Items in Ad-Hoc Sensor Networks," ACM SIGMOD Record, Vol.33, No.1, pp.38-43, 2004.
• [5] H. Hayashi, T. Hara, and S. Nishio, "Cache Invalidation for Updated Data in Ad Hoc Networks," Proc. Int'l Conf. on Cooperative Information Systems (CoopIS'03), pp.516-535, 2003.
• [6] G. Cao, L. Yin, C.R. Das, "Cooperative Cache-Based Data Access in Ad Hoc Networks," IEEE Computer Magazine, Vol.37, No.2, pp.32-39, 2004.
• [7] L.D. Fife and L. Gruenwald, "Research issues for data communication in mobile ad-hoc network database systems," ACM SIGMOD Record, Vol.32, No.2, pp.42-47, 2003.
• [8] G. Karumanchi, S. Muralidharan, and R. Prakash, "Information dissemination in partitionable mobile ad hoc networks," Proc. Symposium on Reliable Distributed Systems (SRDS'99), pp.4-13, 1999.
• [9] J. Luo, J.P. Hubaux, and P. Eugster, "PAN: Providing reliable storage in mobile ad hoc networks with probabilistic quorum systems," Proc. ACM MobiHoc 2003, pp.1-12, 2003.
• [10] K. Rothermel, C. Becker, and J. Hahner, "Consistent update diffusion in mobile ad hoc networks," Technical Report 2002/04, Computer Science Department, University of Stuttgart, 2002.
• [11] F. Sailhan and V. Issarny, "Cooperative caching in ad hoc networks," Proc. Int'l Conf. on Mobile Data Management (MDM'03), pp.13-28, 2003.
• [12] K. Wang and B. Li, "Efficient and guaranteed service coverage in partitionable mobile ad-hoc networks," Proc. IEEE Infocom'02, Vol.2, pp.1089-1098, 2002.
• [13] http://www3.ietf.org/proceedings/00mar/47th-ietf-00mar-96.html