
International Journal of Emerging Technology and Advanced Engineering, Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 4, April 2012)

Secure Message Transmission in Ad-Hoc Network through Dynamic key Cryptography and Comparative Study with Intrusion Detection System

Navneet Singh Sikarwar

Department of Computer Science & Engineering, B.S.A. College of Engineering & Technology, Mathura

[email protected]

Abstract — Wireless technology provides communication between devices without the need for any physical medium, and gives devices the mobility to access the network at any time and any place. The benefits of flexible routing, global connectivity and a highly adaptive potential make mobile ad-hoc networks (MANET) suitable for a wide range of applications in both military and commercial environments, such as battlefields, disaster relief operations, mobile device/personal networking, mobile information sharing and vehicular networks. However, maintaining security in wireless ad-hoc networks is quite challenging: many applications are ad-hoc based, and in some cases it is desired that communication be kept secret. Consequently, the security of information has become a fundamental issue. The Intrusion Detection System is one method that addresses security in ad-hoc networks. This paper gives a framework for secure communication in ad-hoc networks using dynamic key cryptography, and also gives a comparative study with the Intrusion Detection System.

Keywords — Dynamic key Cryptography, ad-hoc network, Intrusion Detection System, MANET.

I. INTRODUCTION


With the rapid growth of wireless devices such as laptops, wireless phones and wireless sensors, the importance of wireless technology becomes more and more prominent.

Figure 1: Hierarchy of Network

The different network types are listed below.

• Peer to Peer Network: A network without the notion of clients or servers, but only equal peer nodes that simultaneously function as both clients and servers.

• Mobile Ad Hoc Networks: A mobile ad hoc network (MANET) is a kind of wireless ad hoc network, and is a self-configuring network of mobile routers (and associated hosts) connected by wireless links—the union of which forms an arbitrary topology. The routers are free to move randomly and organize themselves arbitrarily; thus, the network’s wireless topology may change rapidly and unpredictably.

• Wireless Sensor Network: A wireless sensor network (WSN) is a wireless computer network consisting of spatially distributed autonomous devices using sensors to cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion or pollutants, at different locations.

• Mobile Wireless Sensor Network: A wireless sensor network in which the nodes are mobile.

• Ad Hoc Wireless Sensor Network: A wireless sensor network in which the nodes self-organize.

Wireless networks fall into two categories. The first category is the infrastructure network, in which there is a fixed base station on which all the mobile nodes depend.


Figure 2: Infrastructure based Network

Figure 3: Ad-hoc Network

However, this decentralized network is vulnerable to external adversaries. Ad-hoc networks are highly exploited due to their open medium, lack of a strong line of defense, lack of a management point and, last but not least, their decentralized nature. Apart from this, nodes in an ad-hoc network may, at any time, disappear from or appear in the network.

Firewalls and encryption techniques are no longer sufficient and effective in providing protection to ad-hoc networks. Nevertheless, some solutions for security services in ad-hoc networks exist, of which the Intrusion Detection System (IDS) has specific requirements. Deploying IDS is an important aspect. An IDS must be capable of detecting intrusions and automatically generating alarms, but this system does not provide secure communication; it has some limitations. This research work suggests a framework for secure communication and discusses the limitations of IDS.

A. Ad-Hoc Network

An ad hoc wireless network is a collection of two or more devices equipped with wireless communications and networking capability.

Such devices can communicate with another node that is immediately within their radio range (peer-to-peer communication) or one that is outside their radio range (remote-to-remote communication) using intermediate node(s) to relay or forward the packet from the source (sender) toward the destination (receiver). An ad hoc wireless network is self-organizing and adaptive.

The ad hoc network can be heterogeneous, i.e., the nodes can be of different types (palmtop, laptop, mobile phone...) with different computation, storage and communication capabilities.

1) Threats to Ad-hoc Network

Ad-hoc networks suffer from various kinds of security challenges such as passive eavesdropping, denial of service, replay, traffic jamming and spoofing. By carefully and closely studying the functionality, design and architecture of the ad-hoc network, some of the major vulnerabilities are discussed here.

• Since ad-hoc networks are decentralized systems, their topology is expressed on the basis of the emission ranges of the nodes. This results in a peer-to-peer architecture. Furthermore, the problems of IP masquerading and eavesdropping increase, and in this condition a centralized IDS cannot work. Thus, a distributed IDS becomes necessary.

• A serious threat is posed by the routing context in an ad-hoc network. Since the whole ad-hoc network works on the cooperative functioning of nodes, it is possible that a malicious node emits false routing information, thus creating entries in the routing tables and making communication difficult. The malicious node can likewise interfere in the delivery of data. Hence a single host can control the traffic to and from entire parts of the network.

• Auto-configuration also creates new vulnerabilities. Here the perpetrator node simply pretends to already be using the identifier chosen by the incoming host, thus denying it the right to join the network. Given the security challenges in ad-hoc networks, a security system is the prime need, and so the intrusion detection system is introduced next. [1]

B. Intrusion Detection System


There is no dispute about the fact that the number of intrusion and hacking incidents is increasing rapidly with the continuous and fast advancement of technology. Unfortunately, in today’s interconnected e-commerce world there is no hiding place; you can be found through a wide variety of means. In this scenario it is a basic need that there be an effective system to guard against this. Here the intrusion detection system comes into the frame. An IDS is like a burglar alarm for our computer: it detects unauthorized attempts and anomalies and notifies the other nodes in the network so that they can avoid or punish the misbehaving nodes. The goal of the IDS is to provide security services such as authentication, confidentiality, integrity, anonymity and availability to mobile users. There are basically three types of intrusion detection system. [2]

1. Network based IDS: A network monitor (e.g. Dragon Sensor) watches live network packets and looks for signs of computer crime, network attacks, network misuse and anomalies. When it observes an unauthorized event, it takes action to stop the event and records it for future forensic analysis. [2]

2. Host based IDS: A host monitor (e.g. Dragon Squire) looks at the system logs for signs of any suspicious or malicious activity. It also monitors system files. Host based IDS are usually used in small area networks. [2]

3. Hybrid IDS: These systems combine both approaches, NIDS and HIDS. Agent data are combined with network information in order to create a comprehensive view of the network. [3]

1) The IDS Principle

The foundation of these programs is the matching of the IP and MAC addresses of the individual hosts. The matching results are then stored in a database, to which only the administrator has access, to provide an overview of the activities in the network.

The IDS stores a database of attack signatures and compares the patterns of activity, traffic or behavior that it sees in log files and monitors against these signatures, in order to recognize when a match between a signature and current or recent behavior occurs.

An IDS can also go beyond alerting, with the aim of providing different types of automatic action, from shutting down internet connections or servers up to starting a back-trace, and can make active attempts to identify the attackers and collect proof of their incorrect actions. [4]

2) Characteristics of IDS

Intrusion detection techniques are divided into two types: misuse detection (in other references called signature based detection) and anomaly detection.

• Misuse Detection: The system has a large database of specific attacks that have been documented. Whenever the system identifies an event, it matches it against the database and, if it matches, raises the alarm. [5]

• Anomaly Detection: The system observes operations that deviate abnormally from the normal performance of that operation. For this, the system must be trained on normal operation before launching it in working mode. [5]

3) Limitation of IDS

IDS provides a great deal of facility and security, but it also has some drawbacks. An IDS is not able:

• To compensate for the mechanisms of identification and authentication.

• To lead investigations of attacks without human intervention.

• To compensate for weaknesses in network protocols.

• To compensate for problems in the quality and integrity of the information which the system provides.

• To analyze the whole traffic in a busy network.

• To deal with problems which relate to attacks at the packet level.

• To deal with some modern network hardware and its features. [4]

C. Cryptography


Cryptanalysis is the science of 'breaking' or 'cracking' encryption schemes, i.e. discovering the decryption key. Cryptographic systems are generically classified along three independent dimensions. [6][7][10][11][12][13]

D. Dynamic Key Cryptography

Dynamic key cryptography is one of the advanced techniques in cryptography. Either a long message is divided into many parts, or there are many messages; in both cases each message is encrypted with a different key. These keys are not shared between the two parties; only a very small amount of information is shared, and on the basis of this information both parties generate the dynamic keys. [8][9]

II. PROPOSED WORK

Secure communication in an ad-hoc network is achieved not only by securing the network from intruders but also by providing security at the data level.

This paper suggests a framework for secure communication that uses the dynamic key cryptography technique as well as IDS techniques. By using this framework we can achieve the following goals.

• We can achieve not only authentication and identification but also confidentiality, non-repudiation and integrity of messages.

• We can achieve secure communication.

• A third party (or unauthorized user) cannot eavesdrop on the transmitted message.

This work is based on dynamic key cryptography. The strength of any dynamic key cryptography depends on two factors: first, the secure communication channel by which the initial information is shared between the parties, and second, the strength of the dynamic key generation algorithm. So secure message transmission is possible only by the combined efforts of both algorithms.

A. Algorithm for secure communication channel

This communication is possible only when the Central Authority Server is running. In an ad-hoc network the devices are movable; when a device wants to communicate, it is first authenticated through the Central Authority Server’s JOIN method.

Figure 4: A schematic for secure communication establishment

1. Start the Central Authority Server (CAS) using a username and password for verification.

2. JOIN (UN, PW, PNO, Key) takes four arguments: user name, password, port number and key for authentication.

3. The Central Authority checks the device’s secret key, client address and port address to verify whether the client is valid or not, and sends an OK signal for a valid client. Else it sends a NO signal for an invalid client and denies the client’s request to start communication.

4. Repeat steps 2 and 3 for Client 2 (Bob).

5. If Client 1 (Alice) and Client 2 (Bob) have been verified and their secret keys authenticated by the Central Authority (i.e. both signals are OK), then communication starts between both clients; they work as client or server in full duplex mode. Else the connection request is denied.

6. Now the Central Authority plays no further role, and the initial messages for dynamic key generation are transmitted in encrypted form using a hash function.

B. Dynamic Key Generation Algorithms


Here the value of L is a power of 2, so that the number of dynamic keys we want to generate is

N = log2(L)

2. Now Alice generates m random (temporary) keys in the range 0 to pow(2, L/2). The temporary keys are:

TK1, TK2, ..., TKm

Alice encrypts these keys using the key EK and sends them to Bob:

EK{TK1, TK2, ..., TKm}

Bob decrypts them using the key EK and obtains TK1, TK2, ..., TKm.

3. Now Alice and Bob both calculate the seed key SK as follows:

SK = IK XOR TK1 XOR TK2 XOR ... XOR TKm

Steps for the first dynamic key: calculate

SK XOR TK1 XOR TK2 XOR ... XOR TKm

The result is a string of 0s and 1s (for example 1010). On the basis of it we write an equation in X; put X = IK in this equation and suppose the value is Y. Then

DK1 = Y mod 65536

Steps for the second dynamic key: calculate

SK XOR TK2 XOR ... XOR TKm XOR DK1

The result is a string of 0s and 1s. On the basis of it we write an equation in X; put X = DK1 in this equation and suppose the value is Y. Then

DK2 = Y mod 65536

Similarly we can write the steps for the Nth dynamic key: calculate

SK XOR TKn-m XOR ... XOR DKn-3 XOR DKn-2 XOR DKn-1

The result is a string of 0s and 1s. On the basis of it we write an equation in X; put X = DKn-1 in this equation and suppose the value is Y. Then

DKn = Y mod 65536

Both Alice and Bob store all the dynamic keys in an array DK of size N. This array is used for encrypting and decrypting the secret message.
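As an added example (not the author's code), the following Python models the dynamic key chain above so that the two parties can be checked for agreement. The paper does not say how the "equation in X" is formed from the bit string, which temporary keys remain in the chain at step n, or what L denotes; the code assumes the bits are polynomial coefficients, that step n keeps TK_n..TK_m plus every earlier DK, and that L is the bit length of IK. The names poly_from_bits, seed_key and dynamic_keys are the example's own.

```python
"""Runnable model of the dynamic key chain sketched in Section II.B.

Added example, not the author's code.  Assumptions the paper leaves open:
(1) the "equation in X" built from a bit string b_k..b_0 is the polynomial
    sum(b_i * X**i);
(2) at step n the chain XORs SK with TK_n..TK_m and with every dynamic key
    already produced, and evaluates at X = DK_(n-1) (X = IK for n = 1);
(3) all keys are unsigned integers and L is the bit length of the initial key IK.
"""
import math
import secrets
from typing import List

MODULUS = 65536  # the paper reduces every dynamic key "mod 65536"


def number_of_keys(L: int) -> int:
    """N = log2(L); the paper requires L to be a power of two."""
    if L <= 0 or L & (L - 1):
        raise ValueError("L must be a power of two")
    return int(math.log2(L))


def generate_temp_keys(m: int, L: int) -> List[int]:
    """Alice's m random temporary keys TK1..TKm in the range 0 .. 2**(L/2)."""
    return [secrets.randbelow(2 ** (L // 2) + 1) for _ in range(m)]


def xor_all(values: List[int]) -> int:
    acc = 0
    for v in values:
        acc ^= v
    return acc


def poly_from_bits(bits: int, x: int) -> int:
    """Treat the bits of `bits` as polynomial coefficients (LSB = X**0),
    evaluate at X = x and return the value mod 65536 (equal to Y mod 65536)."""
    y, power = 0, 0
    while bits:
        if bits & 1:
            y = (y + pow(x, power, MODULUS)) % MODULUS
        bits >>= 1
        power += 1
    return y


def seed_key(ik: int, temp_keys: List[int]) -> int:
    """SK = IK XOR TK1 XOR ... XOR TKm."""
    return ik ^ xor_all(temp_keys)


def dynamic_keys(ik: int, temp_keys: List[int], n: int) -> List[int]:
    """Derive DK1..DKn; both parties run this with the same IK and TKs."""
    sk = seed_key(ik, temp_keys)
    dk: List[int] = []
    for step in range(1, n + 1):
        # Step n: SK XOR TK_n ... TK_m XOR DK_1 ... DK_(n-1).  Because XOR is
        # its own inverse, the step-1 chain collapses to IK itself.
        chain = sk ^ xor_all(temp_keys[step - 1:]) ^ xor_all(dk)
        x = ik if step == 1 else dk[-1]
        dk.append(poly_from_bits(chain, x))
    return dk


if __name__ == "__main__":
    # Constructed demo values: a 16-bit IK (L = 16, so N = 4 dynamic keys).
    L = 16
    ik = 0xBEEF
    tks = generate_temp_keys(3, L)                   # Alice generates, sends under EK
    alice = dynamic_keys(ik, tks, number_of_keys(L))
    bob = dynamic_keys(ik, tks, number_of_keys(L))   # Bob recomputes after decrypting
    assert alice == bob
    print("shared DK array:", alice)
```

With IK = 1010 (binary), TK1 = 3 and TK2 = 5 the first chain is 1010 and the worked values are DK1 = 1010 and DK2 = 58923.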

III. ANALYSIS OF PROPOSED FRAMEWORK

The complexity of any algorithm is represented by two factors, time and space (or size), denoted time complexity and space complexity; but the complexity of a security algorithm is measured by how much effort is required to break it.

The analysis of this work also depends on the strength of the secure channel establishment and dynamic key generation algorithms.

A. Analysis of secure channel

Let Alice and Bob be authorized users who want to communicate over this framework. They want to prevent Oscar (the bad guy or unauthorized user) from listening. There are many ways for Oscar to enter the secure channel and listen to the secret message. All these ways are covered in the following cases.

I) Oscar tries to find out the user name and password of Alice or Bob

In this case, Oscar tries to find out the user name and password of Alice or Bob in order to run the application, because without knowing the user name and password no unauthorized user can run the application software that Alice and Bob use.

But this attack is very weak because it is based on personal analysis of Alice’s and Bob’s lives. Today’s login systems provide a limited number of chances (e.g. 3 chances) to log in, so this attack fails to discover the user name and password of Alice and Bob. This work provides the provision that if any user does not enter the correct user name and password within three attempts, the central authority denies his request for login.

II) Oscar tries to find out the secret key of Alice or Bob

In this work, the secret key of Alice or Bob is used for authentication. The central authority checks the machine address, port number and secret key; only if all the values are correct does the central authority allow connection establishment, otherwise it denies the request.


So if Alice and Bob use a key of length 256, Oscar will try to break it. If Oscar applies a brute force attack, it requires

65536 x 65536 ... (256 times) = 6.844E+1237 steps to break this key of length 256. So this key will not easily be broken by Oscar.

Table I. Estimated brute force resistance of symmetric algorithms

Key length   | Security estimation
56-64 bits   | Short term (a few hours or days)
112-128 bits | Long term (several decades in the absence of quantum computers)
256 bits     | Long term (several decades, even with quantum computers (QC) which run the currently known brute force QC algorithms)

III) Oscar tries to access the port number of Alice or Bob

In this work, the central authority checks the machine address, port number and secret key of Alice and Bob. The aim of Oscar is to listen to the secret messages that Alice and Bob are communicating.

In a machine the total number of ports is 65536, of which 1024 are reserved ports and the remainder are free ports. In this framework Alice, Bob and the central authority run on fixed ports; therefore, if Alice and Bob are communicating with each other, it is not possible for Oscar to run his application on the same port. The central authority does not allow Oscar to communicate until he runs his application on the right machine, on the right port and with the right key.

IV) Oscar tries to find out the encryption/decryption algorithm between Alice/Bob and the central authority and between Alice and Bob

This work uses two different encryption/decryption algorithms. The first is used when Alice or Bob sends their key to the central authority, and the second is used when Alice and Bob communicate with each other. Both algorithms use linear mathematical equations for encryption and decryption.

So it is not easy for Oscar to break these algorithms, because each client uses a different linear mathematical equation for each other client.

B. Dynamic key generation complexity

The complexity of dynamic key generation depends on the number of operations required for execution; it also indicates the randomness of the dynamic keys.

Figure 4: Dynamic key Vs No. Bytes required to share (plot; x-axis: No. of Dynamic keys, 0 to 25; y-axis: No. of Bytes, 0 to 140000)

Figure 5: Dynamic key Vs No. bits required to share (plot; x-axis: No. of Dynamic keys, 0 to 25; y-axis: No. of bits, 0 to 1200000)

Figure 6: No. of Dynamic key Vs No. of Operation (plot; x-axis: No. of Dynamic Key, 1 to 10; y-axis: No. of Operation, 0 to 140; series: Random key, Ency. & Decry., Bitwise oper., Log. Oper., Mod. Oper.)

Table II. Operations required for generating dynamic keys (the table body is printed below, after the list of features)

IV. ADVANTAGE OF PROPOSED WORK

This proposed work has many advantages over symmetric key cryptography and asymmetric key cryptography, and it has more strength against all the attacks that are based on symmetric and asymmetric key cryptography; apart from this, it has more strength compared to session key cryptography. The comparisons are listed in Table III.

Table III. Comparison between session key and dynamic key

Issues                                                                          | Dynamic key                         | Session key
Key exchange                                                                    | Once                                | Every session
Life time                                                                       | Within a message                    | Within a session
Key reusable                                                                    | No                                  | Yes
Vulnerable under man-in-the-middle attack                                       | No                                  | Yes
From a compromised cryptographic key, adversary can                             | Decrypt a message                   | Decrypt all messages in the session
From a compromised pair of public and private keys of the key exchange protocol | Cryptographic system is still safe  | Cryptographic system and session are vulnerable

The features of this work are listed below.

• This work provides security at the machine and port level, so that the framework becomes more secure and difficult to eavesdrop on.

• It provides provision for a central authority that is used for user authentication.

Table II. Operations required for generating dynamic keys

No. of Dynamic key | Random Temporary key | No. of Encryption & Decryption | No. of Bitwise operation | No. of Modulus operation | No. of logarithm operation
1 | 1  | 4  | 1   | 1 | 2
2 | 3  | 8  | 6   | 2 | 2
3 | 5  | 11 | 14  | 3 | 2
4 | 6  | 14 | 24  | 4 | 2
5 | 7  | 17 | 37  | 5 | 2
6 | 9  | 19 | 52  | 6 | 2
7 | 10 | 22 | 69  | 7 | 2
8 | 11 | 24 | 88  | 8 | 2
9 | 12 | 26 | 110 | 9 | 2
• It provides the facility for secret message transmission using a secure channel.

• It provides secret message transmission in full duplex mode.

• It uses the advantage of dynamic key cryptography, which is better than conventional cryptography as well as session key cryptography.

V. CONCLUSION

This paper has been concerned with ad-hoc networks, IDS, the characteristics of IDS in ad-hoc networks and its principle. It presented a list of characteristics required before testing an IDS in an ad-hoc network, and presented the principle on which IDS works. Furthermore, some of the drawbacks of IDS have also been mentioned. Finally, this paper suggested how dynamic key cryptography can be applied for secure communication and analyzed it. This paper may also help researchers to improve the security features of ad-hoc networks.

VI. ACKNOWLEDGMENTS

The author is grateful to the anonymous reviewers for their valuable comments.

REFERENCES

[1] D. Sterne, P. Balasubramanayam, D. Carman, B. Wilson, R. Talpade, C. Ko, R. Balupari, C-Y Tseng, T. Bowen, K. Levitt, J. Rowe, "A General Cooperative Intrusion Detection Architecture for MANETs".

[2] Hadi Otrok, Joy Paquet, Mourad Debbabi and Prabir Bhattacharya, "Testing Intrusion Detection System in MANET: A Comprehensive Study".

[3] Bahareh Pahlevan Zadeh, Azman Samsudin, "Distributed Hierarchical IDS for MANET over AODV+".

[4] Liberios Vokorokos, Alzdeta Kleinova, Ondrej Latka, "Network Security On The Intrusion Detection System Level".

[5] Ricardo Puttini, Jean-Marc Percher, Ludovic Me, Rafel de Sousa, "A Fully Distributed IDS for MANET".

[6] Z. Hrytskiv, S. Voloshynovskiy & Y. Rytsar, "Cryptography and Steganography of Video Information In Modern Communication", Electronics And Energetics, vol. 11, pp. 115-125, 1998.

[7] D. Stinson, Cryptography Theory and Practice, CRC Press Inc., NY, USA, 1995.

[8] R. Divya & T. Thirumurugan, "A Novel Dynamic Key Management Scheme Based On Hamming Distance for Wireless Sensor Networks", International Journal of Scientific & Engineering Research, Volume 2, Issue 5, May 2011, ISSN 2229-5518.

[9] Xukai Zou, Yogesh Karandikar and Elisa Bertino, "A Dynamic key management solution to access hierarchy", International Journal of Network Management 2007; 17: 437-450.

[10] C. P. Pfleeger and S. L. Pfleeger, Security in Computing, 3rd ed., Prentice-Hall, 2003.

[11] W. Stallings, Cryptography and Network Security, 4th ed., Prentice-Hall, 2005.

[12] B. A. Forouzan, Data Communications and Networking, 4th ed., McGraw-Hill, 2007.

[13] G. Blelloch, Introduction to Cryptography, online: http://www.2.cs.cmu.edu/afs/cs/project/pscicoguyb/realworld/crypto.ps, 2000.
