TAODV: A Trusted AODV Routing Protocol for MANET

1
TAODV: A Trusted AODV Routing Protocol for MANET
  • Li Xiaoqi, GiGi
  • Term Presentation
  • 2004-4-27

2
Outline
  • Introduction
  • Framework of TAODV
  • Trust model for TAODV
  • Routing operations in TAODV
  • Analyses and simulations
  • Conclusion

3
Now Comes to
  • Introduction
  • Framework of TAODV
  • Trust model for TAODV
  • Routing Operations in TAODV
  • Analyses and Simulations
  • Conclusion

4
Introduction
  • Mobile Ad Hoc Network (MANET)
  • No fixed infrastructure
  • Multi-hop routing by cooperation of nodes in a
    self-organized way
  • Nodes have high mobility
  • Underlying medium is wireless
  • Frequent link layer errors
  • Vulnerable to various kinds of attacks

5
Routing Protocols for MANET
  • DSR: The Dynamic Source Routing Protocol
  • DSDV: Destination-Sequenced Distance Vector Protocol
  • AODV: Ad Hoc On-Demand Distance Vector Protocol
  • Two main routing messages
  • RREQ: Routing REQuest
  • RREP: Routing REPly

6
Applications of MANET
→ High Security Requirements
  • Personal area networking
  • Meeting rooms
  • Disaster relief
  • Battlefield operations

7
Previous Security Solutions for MANET
  • Secure routing protocol
  • may perform digital signature authentication at
    each routing message
  • huge overhead
  • Key management mechanism
  • usually need a super-trusted third-party to issue
    certificates
  • destroy the self-organization nature of MANET

8
Previous Security Solutions for MANET (cont'd)
  • Intrusion detection mechanism
  • Listen to, collect and analyze all traffic on each
    node
  • Huge processing overhead
  • → Our aim is to design a secure routing protocol,
    called TAODV (Trusted AODV Routing Protocol),
    without introducing huge overhead or destroying
    the self-organization nature of MANET

9
Now Comes to
  • Introduction
  • Framework of TAODV
  • Trust model for TAODV
  • Routing Operations in TAODV
  • Analyses and Simulations
  • Conclusion

10
Main Ideas of TAODV
  • A secure routing protocol for MANET
  • Use trust relationships among nodes for routing
  • Employ a trust model derived from subjective
    logic
  • Trust calculation is not very time-consuming
  • Need not sign and verify digital signature at
    each routing message
  • Cooperate with a self-organized key management
    mechanism
  • such as some threshold solutions
  • We take AODV as an example to illustrate our idea

11
Four Modules of TAODV
  • Basic routing protocol (AODV in this work)
  • Trust model
  • Define the algorithms or rules to combine, judge,
    and update trust information based on subjective
    logic
  • Trusted routing protocol
  • Self-organized key management mechanism
  • Generate a (secret, public) key pair for each
    node and distribute public keys in a secure,
    self-organized way
  • A prerequisite; it is not discussed in this
    presentation

12
Module of Trusted Routing Protocol
  • Include operations of
  • trust recommendation
  • trust combination
  • trust judgement
  • trust update
  • signature authentication
  • trust authentication

13
Framework of TAODV

14
Now Comes to
  • Introduction
  • Framework of TAODV
  • Trust model for TAODV
  • Routing Operations in TAODV
  • Analyses and Simulations
  • Conclusion

15
Representation of Trust
  • Use Opinion to represent trust
  • A two-dimensional, but three-element metric
  • -- Probability of node A believing in node B
  • -- Probability of node A disbelieving in
    node B
  • -- Probability of node A's uncertainty about
    B
  • We define that

16
Combination of Trust
  • Discounting Combination
  • Combine trusts along one path
  • Combine
  • Equation Let

17
Combination of Trust (cont'd)
  • Consensus Combination
  • Combine trusts from several paths
  • Combine
  • Equation Let

18
Mapping Between Evidence and Opinion space
  • Mapping from evidence space to opinion space
  • a is a parameter
  • It determines the rate of change of b, d, and u
  • We can adjust it to suit our application

p: positive evidence; n: negative evidence

19
Mapping Between Evidence and Opinion space (cont'd)
  • Mapping from opinion space to evidence space
  • We can update trust information from evidence
    space mapping to opinion space, or vice versa

20
Now Comes to
  • Introduction
  • Framework of TAODV
  • Trust model for TAODV
  • Routing Operations in TAODV
  • Analyses and Simulations
  • Conclusion

21
Trust Recommendation
  • Exchange trust information
  • Three types of message
  • TREQ: Trust REQuest
  • TREP: Trust REPly
  • TWARN: Trust WARNing
  • Broadcast TWARN when a node's disbelief value is
    zero

22
Trust Recommendation (cont'd)
  • Message Structure
  • TREQ ?
  • TREP ?

23
Trust Judgement
  • Predefined trust judging rules

b: belief; d: disbelief; u: uncertainty; h: threshold, which can be
adjusted to meet different security levels (default h = 0.5)

24
Trust Update
  • Update of Evidences
  • Successful communication → positive events p
  • Failed communication → negative events n
  • Mapping from opinion space
  • Update of opinion
  • Combination from different recommendations
  • Mapping from evidence space

25
Routing Table Extension
  • Add three fields into original routing table
  • Positive events
  • Negative events
  • Opinion
  • New routing table format

26
Routing Message Extension
  • Add such fields into original routing messages
  • Trust information, or
  • Digital signature information
  • RREQ → TRREQ
  • RREP → TRREP
  • Message structure

27
General Process of TAODV
  • On initialization, each node's opinion towards
    others is (0,0,1), which means total uncertainty
    about other nodes' trustworthiness.
  • Nodes perform signature authentication during the
    initialization period.
  • After some trust exchanges and data
    communications, the number of positive or
    negative events increases, so the uncertainty
    decreases and trust relationships among
    nodes form.
  • Once the trust relationships in the network have
    been established, the authentication of nodes
    mainly uses trust authentication.
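
The trust life cycle on this slide, worked through as an added example that is not part of the original presentation. The discounting and consensus operators follow Jøsang's subjective logic; the evidence mapping with constant a (default 2), the averaging of two zero-uncertainty opinions, and the three-way judging rule with threshold h are assumptions, because the slide equations did not survive in this transcript.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Opinion:
    b: float  # belief
    d: float  # disbelief
    u: float  # uncertainty; b + d + u == 1

def from_evidence(p: int, n: int, a: float = 2.0) -> Opinion:
    """Map p positive and n negative events to an opinion (assumed mapping).
    With no evidence the result is (0, 0, 1), the initial state on the slide."""
    total = p + n + a
    return Opinion(p / total, n / total, a / total)

def discount(ab: Opinion, bc: Opinion) -> Opinion:
    """Combine trust along one path: A's view of C through B's recommendation."""
    return Opinion(ab.b * bc.b, ab.b * bc.d, ab.d + ab.u + ab.b * bc.u)

def consensus(x: Opinion, y: Opinion) -> Opinion:
    """Combine opinions about the same node that arrived over several paths."""
    k = x.u + y.u - x.u * y.u
    if k == 0:  # both opinions have u == 0; averaging them is an assumption
        return Opinion((x.b + y.b) / 2, (x.d + y.d) / 2, 0.0)
    return Opinion((x.b * y.u + y.b * x.u) / k,
                   (x.d * y.u + y.d * x.u) / k,
                   (x.u * y.u) / k)

def judge(op: Opinion, h: float = 0.5) -> str:
    """Hypothetical judging rule: rely on trust only when b or d exceeds h,
    otherwise fall back to signature authentication."""
    if op.b > h:
        return "trust"
    if op.d > h:
        return "distrust"
    return "verify-signature"

if __name__ == "__main__":
    # Constructed history: a neighbour with 0, 1, then 8 successful exchanges.
    for p in (0, 1, 8):
        op = from_evidence(p, 0)
        print(p, op, judge(op))
    # A recommendation relayed by a node we know nothing about carries no weight.
    print(discount(from_evidence(0, 0), from_evidence(8, 0)))
```

A recommendation is weighted by the recommender's own belief value, so an unknown node cannot raise or lower another node's trust until it has been authenticated by signature and has accumulated evidence itself.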

28
Trusted Routing Discovery
  • S originates a routing request to D
  • C is the current node
  • P is C's precursor, N is the next hop
  • Suppose threshold = 0.5

29
Routing Process at Current Node
  • Trust exchange

step1
Authenticate P
step2
Authenticate S
step3
Authenticate D
step4

30
Routing Process at Current Node

31
Now Comes to
  • Introduction
  • Framework of TAODV
  • Trust model for TAODV
  • Routing operations in TAODV
  • Analyses and simulations
  • Conclusion

32
Performance Analysis
  • Communication overhead can be sharply reduced by
    avoiding signature generation and verification for
    each routing message.
  • Bandwidth overhead can be largely reduced
    by replacing 1024/2048-bit signatures with
    simple trust values.

33
Security Analysis
  • If there is no misbehavior, the trust value keeps
    increasing.
  • An external malicious node is denied at once
    because it cannot provide a valid signature.
  • We only consider preventing external attacks.
  • Internal attacks can be eased through
    certificate renewal.

34
Simulation Environment
  • Simulator: ns-2

35
Selected Simulation Results
Throughput of receiving bits vs. average end-to-end delay (pause time 10 s)

36
Conclusion
  • TAODV is a trusted routing protocol which
    cooperates with a self-organized key management
    mechanism.
  • It introduces less computation overhead than
    previous secure routing protocol solutions while
    still guaranteeing a certain security level.
  • It performs trusted routing in a self-organized
    way.

37
Q&A
  • Thank You!