• No results found

Comparison of Secure OLSR Routing Protocol

N/A
N/A
Protected

Academic year: 2020

Share "Comparison of Secure OLSR Routing Protocol"

Copied!
8
0
0

Loading.... (view fulltext now)

Full text

(1)

Comparison of Secure OLSR Routing

Protocol

KUNWAR PAL

Department of Computer Science and Engineering PEC, University of Technology, Chandigarh, India

kunwar.11mar@gmail.com

Prof. SANJEEV SOFAT

Department of Computer Science and Engineering PEC, University of Technology, Chandigarh, India

Sanjeevsofat@pec.ac.in

Prof. DIVYA BANSAL

Department of Computer Science and Engineering PEC, University of Technology, Chandigarh, India

Divya@pec.ac.in Abstract:

In this paper we are presenting the comparison of the secure OLSR (Optimized Link State Routing Protocol) in mobile ad-hoc network with other approach. We compare the security from the different approach and their effect on the existing OLSR. Main concern of the paper is the security but also the complexity and the storage is also compare in the different approach. Different approaches uses different cryptography security scheme and trying to provide the security to OLSR routing protocols. We also concern the different possible attacks on the OLSR and check that which security scheme is better to provide the security from the attacks.

Keywords:OLSR protocol, HASH chain, SHA algorithm, Encryption algorithm, AES.

1. Introduction

Mobile Ad-hoc network (MANET) is a collection of wireless mobile hosts. And there is no centralized administration exist in the MANET which generally available in the wired network. This is the basic reason why the security of the network in the communication between two nodes is becoming a challenging issue in the wireless network. Simply for making the network live the nodes have to communicate with each other in the network and have to pass the information of each node in the network. Maintain the such type of information which is required for sending the data from one node to another is the part of routing protocols. There are different types of routing is there in wireless network.

(2)

The figure shows the different types of routing protocols. Basically it is divided in to two parts reactive routing protocols or proactive routing protocols.

Reactive routing or on-demand routing protocol is a protocol in which there is no pre-defined table between sender and receiver. When a sender node wanted to send something to other node it start the process and all the table between the nodes come in exist. But in the proactive or table driven routing protocol the table between the node is available before the real data transmission.In the proactive routing protocol the information about the link is periodically passing to each node. On the basis of that all the nodes maintain their routing table. And for the communication purpose they use this information. Example of table driven routing protocol is OLSR (optimized Link State Routing protocol) and DSDV (Destination Sequenced Distance Vector Routing).

A different approach from table driven routing is the source initiated on demand routing protocol. In this type of routing protocols routes are created only when source node desired it. When a source node requires a node to destination it initiates a route discovery process to destination with in a network. The process is completed when the desired route is discovered between the nodes and all the permutation of the required route is considered. The example of such type of routing protocol is AODV (Ad-hoc On Demand routing protocol) and DSR (Dynamic Source Routing protocol). But the security of the both type of routing protocols is a very challenging issue in the wireless Ad-hoc network. Because there is no centralized authority in the network and that’s why node cannot trust to each other.

1.1. Safety Measures

In the routing all the information is passing from node to node so if there is an un-trusted node is there, than it can getting the information. The link between the node is should be in such a way that no other node can use this information. Sender to receiver Authentication as well as node to node authentication is also required in the routing protocols. So that the attacker node cannot harm the victim node. There are also some attacks possible in the OLSR routing protocols. We discuss it in the further pages. So it is clear that the security of the routing protocols is very important for the safe communication between the nodes or in the networks

2. OLSR Protocol

OLSR (Optimized Link State Routing Protocol) is optimization of Link State Routing Protocol. It is a table driven routing protocol. In which nodes are available at any time for the routing when they are needed. The node always maintains their routing tables after a certain period of time for better communication. For the communication in the OLSR there are two type of message are passes between the nodes

2.1. Control Message in OLSR

2.1.1. Hello Message

In the OLSR, Hello message is used for the maintenance of the route or establishing the route between the nodes in the network. After a certain period of time every node available in the network sends the hello message to the other nodes (only neighbour nodes). The hop count in the hello message is 1 and the time to live (TTL) is also 1in the case of hello message. Means only immediate neighbour can listen the hello message of the neighbours. On the basis of hello message the node maintain the routing table. And finding the optimal path between the nodes when the path is needed.

2.1.2. TC Message

Other type of message is control message (TC message). It is performing the topology declaration in the network. TC message is also sending by the node after a certain period of time. TC message is received by every node but only defined node is forwarding it. The node which forward the TC message is called the MPR (Multipoint relays).

(3)

2.2. Routing In OLSR

2.2.1. Multipoint Relays

Multipoint Relays are optimized in the OLSR where each node must select MPRs from among its neighbour nodes such that its cover all the neighbour of two hop away. MPR selection is basically performed by HELLO message in which every node describe the status of the neighbour node. How much the node wanted to make his neighbour as a MPR. There is a range between (7-0) WILL_ALWAYA and WILL_NEVER. Every node describe its neighbour in this range how much he wanted that its neighbour should be MPR or not. And every node maintains a MPR selector set, describing the set of nodes which have selected it’s as MPR.

Figure 2: (a) simple distribution of control packet in LSR. (b) Control packets are only distributed by MPR in OLSR routing protocol, black node work as MPR.

In the figure 2(a) the distribution of the control packet is done by the every node and every node forward it to their neighbours. So the node which is two hops away gets the multiple same packets from different nodes. Which is basically increasing the congestion in the network. Figure 2(b) but with the help of MPR we can solve this problem because only MPR forward the control packet and MPR is selected in a way that the entire two hop away node can get the control packets. So the problem of congestion is solved in the OLSR with the help of MPRs.

3. Security Problems in OLSR

There are various type of attacks are possible on OLSR protocols. In the present OLSR routing protocol there is various security weaknesses. That’s why we are presenting the new security scheme in the present OLSR routing protocols. For the table driven routing protocols it is necessary that to generate or forward the routing information correctly. If this is not happened then the either the false path is made between the node or there is no path between the node when the actual data sending is take place. If it is not correctly generate or forward the message then such node are called the influence node. There is various type of security problem in OLSR. 3.1. Incorrect Control Message Generation

3.1.1. False Hello Message Generation (ID SPOOFING)

(4)

Figure 1: The node D showing to C that it is connected to A and same node Y showing to C about U.

In the figure node X showing to C that it is directly connected with node A. so instead of making the MPR X and B. C making the MPR only to X. Because it think with the help of X it is connected with X, B, A and neighbour to X also. But if X not doing it then it is only connected with X<B and neighbour of X but not to A, for A he has to make the MPR to B.

3.1.2. False TC Message Generation

It is also the same as last one but this time instead of sending the Hello message the node sending the TC message with the false id. The result is same they update wrong information on the behalf of wrong TC message.

3.2. Incorrect Control Message Relaying

3.2.1. Black Hole attack

The attacker can drop received routing message instead of relaying them as the protocol requires, in order reducing the quantity of routing information available to the other nodes. This is called black hole attack. 3.2.2. Worm Hole Attack

In the warm hole attack the attacking nodes making the tunnel between them and drop the all data packets. This type of attack may be come in light due to one or more than one attacker node. The attacker node shows that they have the best route to receiver node (changing the value of H0count and TTL) so the all node making the path from attacker node. Figure describes it with two nodes X and Y. In the figure node A and B are 3hop away from each other. And attacker node X and X’ show that they are neighbour of A and B respectively. So they make the tunnel between node A and B. And they can drop the packet received from A or B.

Figure 4: Wormhole attack, X and Y are the attacker node

A

B

(5)

4. Different Security Scheme

There is some work done to provide the security to OLSR protocols. the description of the different approaches is given below.

4.1. Hybrid protection of OLSR

The approach is defined in paper A. M. Hegland, P. Spilling, L. Nilsen and Q.Kure , “Hybrid Protection of OLSR”, Electronic Notes in Theoretical Computer Science, 2006[1]. It’s using The Hash Chain for providing the security to the routing protocol. In this approach we calculate the Hash of some Initial value up to total no of Hop count and distribute it to the entire network. And the sender node sends the one time hash of initial value to the next neighbor which is MPR of it. Now the intermediate node calculate the difference of TTL and Hop count and doing the hash of received hash value up to calculated difference time. If both the value is same then there is no malicious node changed the value in between them. If both the value is not same then there is some malicious node and it changed the value of Hop count and TTL for making the path to itself.

4.2. Signature Scheme

And other approach is Amanpreet Kaur, Gurpreet Kaur Deol ,”Secure Optimized Link State Routing Protocol”.2006 [4] provide the security with the help of signature scheme. And the approach provides the authentication between the two nodes. For providing the signature the approach use the two functions. First one is for signature and the second is for verification

1. Sign (nodeid, key, message)

A signature for a message can be verified in a node using a function: 2. Verify (originator id, key, message, signature).

To prevent malicious nodes from injecting incorrect information into the OLSR network, the originator of each control generates an additional security element called signature message and transmitted with the control message. A timestamp is associated with each signature in order to estimate message freshness. Thus, upon receiving the control message, a node can determine if the message originates from a trusted node, or if message integrity is preserved. Signatures are separate entities from OLSR control traffic: while OLSR control messages perform the purpose of acquiring and distributing topological information, signatures serve to validate information origin or integrity.

4.3. Secure OLSR

This security scheme is work on two levels. In the first level we just concern on the hello message and try to stop the unauthorized nodes to participate in the route creation process and in the second level try to implement the hash chain in the OLSR to secure from the other attack possible in the OLSR protocols.

The steps are as

1. Encryption algorithm 2. Hash chain

There we take some assumption for the network. We assume that the secrete key between the nodes is distributed by any physical method or any cryptography scheme.

4.3.1. Encryption

In a network when the node wanted to create a route between the nodes first of all the hello message is send by the node for finding the neighbour of it. Every node sends a hello message after a certain period of time in the network with TTL (time to live) value 1 and hop count 1.

(6)

Figure 5: Asymmetric or Symmetric link in OLSR

In the figure there is two nodes A and B. And node A find that the B is asymmetric node and then he sends the nonce N1 encrypted with the secret key. Now if node B knows the secret key then it decrypt the nonce and send back to particular node A. Now A check the nonce if it is correct then it is mark B as a symmetric neighbour else identify him as an attacker node. And as we know that only symmetric node can make the MPR in the OLSR routing protocol. So with the help of this scheme only certified nodes can participate in the network and only they can make the route between the nodes. The encryption algorithm is an implementation issue we can use any algorithm which is sufficient according to the complexity and the space. There are many algorithms as AES, DES, triple DES and many others.

4.3.2. Hash Chain

Hash chain is used in the OLSR routing protocol for security from other attacks. In the hash chain every node using a random no which we called the pivot. And generating node finds the (Hn), n time hash of it. After making the MPR generating node having the idea how many MPR are there in the root for reaching the every node in the network. And n is that no. And it also distribute the Hn to every node which going to receive this message. Now suppose node A distribute Hn to other nodes and now A send TC message to next MPR B. A send TC message to B with Hop count times hash of that pivot no. Now B receive the TC message its calculate the TTL value of that TC message and now it hash the pivot no, TTL no of times. If the value of it is equal to the Hn than the last node is performing right otherwise it is not responding correct and it is working as an attacker.

Figure 6: In the figure there is n+ 1 node from n to 0. Pivot value in the figure is KN and the value of K0, K1, K2 are such that K0=H (K1) and so on.

(7)

Table 1: Difference between the schemes.

S.NO Hybrid Scheme Signature Scheme Secure OLSR Scheme 1. Provide the Node

to Node Authentication

between the nodes.

Its not provide the Node to node authentication

between the nodes.

Its also provide the node to node authentication

between the nodes.

2. Provide the source to destination authentication.

Provide the source to destination authentication. Provide the source to destination authentication. 3. There is a chance

of Id spoofing attack.

Its provide safety from such attack for external nodes.

Its provide safety from such attack for external nodes.

4. A node can use the previous send message to other place.

A node cannot use the previous send message to other place.

A node can use the previous send message to other place.

5. Provide integrity Provide integrity Provide integrity.

6. Complexity is less comparison to other scheme

The complexity is less than SOLSR but more than the hybrid scheme

The complexity of the scheme is more than the other two approaches.

Table describe the difference between the three security approaches. Security wise the SOLSR provide the more security than the other two approaches but the complexity of it is more than the other two approaches.

6. Security From Various Attacks

The table describe the security provided by the different security schemes at various attacks. Here we concerned the 5 different attack and check that the security schemes are efficient against them or not.

Table 2: Security at different attacks.

S.No Attacks Hybrid Scheme Signature Scheme SOLSR 1. Wormhole attack

Yes No Yes

2. Black hole Yes No Yes

3. Id spoofing No Yes Yes

4. Replay No Yes No

5. Route corruption

(8)

7. CONCLUSION

In this paper an overview of the OLSR is given and also describe the possible flaws in the security of present OLSR. We also describe the different security scheme, which provide the security to the OLSR. The different security scheme has different properties and different flaws. All three security scheme provide security up to a level but not complete. Hybrid and signature scheme having some weakness in security while SOLSR having more complexity than the other two approaches. Signature scheme not providing the security from the black hole attack but other two provide it but the replay attack is solving by the signature scheme. And other two approaches are not able to solving it. If the main concern is security then the SOLSR is better than other two approaches.

Reference

[1] A.M. Hegland, P. Spilling, L. Nilsen and Q.Kure , “Hybrid Protection of OLSR”, Electronic Notes in Theoretical Computer Science, 2006.

[2] Andreas Tonnesen ,”Impementing and extending the Optimized Link State Routing Protocol”, Unik University Graduate Center University of Oslo , August 1st, 2004.

[3] Andreas Hafslund, Andreas Tonnesen, Roar Bjorgum Rotvik, Jon Andersson and Oivind Kure, “Secure Extension to the OLSR protocol,” OLSR Interop and Workshop, 2004

[4] Amanpreet Kaur, Gurpreet Kaur Deol ,”Secure Optimized Link State Routing Protocol”.2006.

[5] C´edric Adjih, Daniele Raffo, Paul M¨uhlethaler INRIA, Domaine de Voluceau, “Attacks Against OLSR: Distributed Key Management for Security” France, 2006.

[6] Cédric Adjih, Thomas Clausen, Anis Laouiti, Paul Muhlethaler, Daniele Raffo “Securing the OLSR routing protocol with or without compromised nodes in the network”,2005

[7] Draft-ietf-manet-OLSRv2-11 “The Optimized Link State Routing Protocol version 2”, April 20, 2010. [8] INTERNET-DRAFT draft-ietf-manet-OLSR-11.txt ”Optimized Link State Routing”, 03 July 2003.

[9] PO-WAH YAU, SHENGLAN HU and CHRIS J. MITCHELL, “Malicious attacks on ad hoc network routing protocols”, 2005. [10] Rashid Hafeez Khokhar, Md Asri Ngadi and Satria Mandala, “A Review of Current Routing Attacks in Mobile Ad Hoc Networks”

International Journal of Computer Science and Security.

[11] S. A. Ade1and P.A. Tijare, “Performance Comparison of AODV, DSDV, OLSR and DSR Routing Protocols in Mobile Ad Hoc Networks”. International Journal of Information Technology and Knowledge Management July-December 2010

[12] Shalini Jain, Dr.Satbir Jain. “Detection and prevention of wormhole attack in mobile Adhoc networks”, International Journal of Computer Theory and Engineering, Vol. 2, No. 1 February, 2010.

Figure

Figure 1: Different type of routing protocols in wireless Ad-hoc network
Figure 2:  (a) simple distribution of control packet in LSR. (b) Control packets are only distributed by MPR in OLSR routing protocol, black node work as MPR
Figure 4:  Wormhole attack, X and Y are the attacker node
Figure 5: Asymmetric or Symmetric link in OLSR
+2

References

Related documents

Individual DVTQOL items showed sufficient variation in the item pool that clearly grouped into six factors, reflect- ing emotional distress, symptoms, limitation in physical

Owing to the fact that due to permeability of the vessel wall, consideration of the no-slip condition at the wall may not be valid, the present study on blood flow in stenosed

WAKE DYNAMICS AND PASSIVE FLOW CONTROL OF A BLUNT TRAILING EDGE PROFILED BODY.. (Thesis

Q: Do my payments to RealEstate.com, a service of LendingTree, LLC constitute the payment of Referral Fees as regulated by some state-lev real estate laws &amp; RESPA.

When DAA procedure is executed at site 1 the affected transactions will be detected and added to the undo list (the list of transactions whose effect must be removed from

To simulate the effects of cAgNP in contact with thalamic cells, ie, STC, NSTC, and RTN, respectively, the changes of the intrinsic currents that we identified by fitting

A total of 68 blue green algal species belonging to 29genera documented from various habitats like rivers, streams, ponds, stagnant water and waste water documented

• Each node uses the shortest path tree protocol to construct its routing table. • The routing table shows the cost of reaching each node from