Mobile Ad Hoc Networks (MANETs)

Mobile Ad Hoc Networks (MANETs) Introduction What is Mobile Ad Hoc Network? With rapid development of wireless technology, the Mobile Ad Hoc Network (MANET) has emerged as a new type of wireless network. MANET is a collection of wireless mobile nodes (e.g. laptops) that dynamically function as a network without the use of any existing infrastructure and centralized administration. It is an autonomous system where each node operates not only as an end system but also as a router to forward packets for other nodes. Since the nodes in MANET move around, the wireless links break and re-establish frequently. Furthermore, most of mobile nodes are resource limited in computing capability and battery power and therefore traditional computing content routing protocols are not suitable for MANET. Several ad hoc routing protocols have been proposed for each node acting as router and maintaining routing information. There are many other applications of MANET. For examples, MANET can be used to provide emergency Services when the network is impaired due to the damaging of existing infrastructure [8]. Computer scientists have predicted a world of ubiquitous computing in which computers will be all around us, constantly performing mundane tasks to make our lives a little easier. These ubiquitous computers connect in mobile ad hoc mode and change the environment or react to the change of the environment where they are suited. MANET is also found useful in the so-called sensor dust network to coordinate the activities and reports of a large collection of tiny sensor devices which could offer detailed information about terrain or environmental dangerous conditions. Problem Statement and Motivation Most current ad hoc routing protocols assume that the wireless network is benign and every node in the network strictly follows the routing behavior and is willing to forward packets for other nodes. Most of these protocols cope well with the dynamically changing topology. However, they do not address the problems when misbehavior nodes present in the network.A commonly observed misbehavior is packet dropping. In a practical MANET, most devices have very limited computing and battery power while packet forwarding consumes a lot of such resources. Thus some of the mobile devices would not like to forward the packets for the benefit of others and they drop packets not destined to them. On the other hand, they still make use of other nodes to forward packets that they originate. These misbehaved nodes are very difficult to identify because we cannot tell that whether the packets are dropped intentionally by the misbehaved nodes or dropped due to the node having moved out of transmission range or other link error. Packet drop significantly decreases the network performance.Traditional security mechanisms are generally not suitable for MANET because: The network lacks central infrastructure to apply traditional security mechanism such as access control, authentication and trusted third party. Limited bandwidth, battery lifetime, and computation power prohibits the deployment of complex routing protocols or encryption algorithms. New security models or mechanisms suitable for MANET must be found. Network topologies and memberships are constantly changing. Thus new intrusion detection system and entity recognition mechanisms that are suitable for mobile ad hoc networks must be designed to avoid or mitigate the behavior to the networks. Trust management systems have been recently introduced as a security mechanism in MANET. In a trust management system, a communicating entity collects evidence regarding competence, honesty or security of other network participants with the purpose of making assessment or decisions regarding their trust relationships. Here trust Objective and Sub-tasks means the confidence of an entity on another entity based on the expectation that the other entity will perform a particular action important to the trustor, irrespective of the ability to monitor or control that other entity . For example, a trust-based routing protocol can collect the evidence of nodes misbehaving, form trust values of the nodes and select safest routes based on the trust metrics.Reputations systems are often seen as a derivation of trust management system. In the reputation system, an entity forms its trust on another entity based not only on the selfobserved evidence but also on the second hand information from third parties. One of the influential reputation systems is the DSR protocol. In the trust management system, reputation system and other trust-based systems, route selection is based on the sending nodes prior experience with other nodes in the network. Its opinions about how other entities are honest are constantly changing. Thus, we call the trust manag ement systems and their derivations as dynamic feedback mechanisms. The dynamic feedback mechanisms are usually applied on the current ad hoc routing protocols to rate the trust about other nodes in the network and make routing decisions based on the trust matrix, which is formed according to the evidence collected from previous interactions. By incorporating the dynamic feedback mechanism in the routing protocol, misbehaved nodes are identified and avoided to forward packets. In this way,misbehavior can be mitigated. Objective and Sub-tasks The primary objective of this thesis is to Investigate the state of the art of dynamic feedback mechanisms and protocols analyze, implement and evaluate DSR protocols to see how it improves the network performance and what are the side effects of introducing the mechanism to the mobile ad hoc network. Following tasks must be done to achieve the primary objective. Study the preliminary knowledge that is required to carry out the main tasks. For example, to understand DSR protocol one must have some knowledge of Bayesian analysis; to do performance analysis one must learn the methodologies of conducting performance analysis and processing simulation data. Investigate security issues of mobile ad hoc network and current dynamic feedback mechanisms or protocols that are used to solve or mitigate the issues. Investigate and learn how to use the network simulation tool. There are several popular network simulation tools available and we need to choose the one that best suits our needs. The selected network simulator should be studied so that we can use it as platform to implement protocol and conduct simulations. Analyze and implement the DSR protocol based on Dynamic Source Routing protocol (DSR); evaluate the network performance. Structure of the Report Since we have almost gone through the chapter one, we only briefly present the content of the subsequent chapters in this section. Preliminary Information State of the Art Analysis Design Implementation and Tests Performance Analysis Conclusion and Future Work Preliminary information we have introduced the MANET. This chapter presents other preliminary information and concepts that will be used in other parts of the thesis. Firstly four general modes of routing operations are introduced and compared. The DSR protocol, which is used as underlying routing protocol in the thesis, is explained in detail. Secondly Bayesian estimation and Beta function are explained to pave the way for the analysis of the reputation model of DSR in the chapter 4. Thirdly some techniques regarding simulation and performance analysis are presented. Finally, several popular network simulation tools are discussed and compared. Mobile Ad Hoc Network Routing Protocols Nowadays there are various routing protocols proposed for the MANET. The most popular ones are DSDV (Destination-Sequenced Distance Vector), TORA (Temporally- Ordered Routing Algorithm), DSR (Dynamic Source Routing) and AODV (Ad-hoc On Demand Distance Vector). These routing protocols can be categorized in different routing operation modes. Mode of Routing Operations These two modes concern whether or not nodes in an ad hoc network should keep track of routes to all possible destinations, or instead keep track of only those destinations of immediate interest Proactive protocols store route information even before it is needed. This kind of protocols has advantage that communications with arbitrary destination experience minimal delay. However it also suffers from the disadvantage that additional control traffic is needed to continually update stale route information. This could significantly increase routing overhead especially for the MANET where the links are often broken. Reactive protocols, on the contrary, acquire routing information only when it is actually needed. However, the latency of the communication increases tremendously especially when a node communicates to another at the first time. Source routing vs. Hop-by-hop routing These two modes concern whether the source node decides the route for a packet to be forwarded to the destination or the intermediate nodes are allowed to decide the next hop until the packet arrives at the destination. In the source routing protocols, the source node decides the route and puts the route information in the packet header. All the intermediate nodes forward the packet along the route faithfully. This kind of protocols has advantage that the intermediate nodes are not required to maintain the routing information. But it suffers from the disadvantage that the packet size grows because of source routing information carried in each packet. In the hop-by-hop routing protocols, it is sufficient for the source to know only how to get to the next hop and intermediate nodes find their own next-hops until the destination. In contrast to source routing protocols, hop-by-hop routing protocols do not increase packet size but they requires all the intermediate nodes to maintain rout ing information. Table 2-1 Categories of routing protocols has compared the performance of these four routing protocols . The results show that DSR has best throughput performance (above 95%) at all mobility rates and movement speeds. Thus we will use DSR as basic routing protocol in this thesis. The Dynamic Source Routing Protocol (DSR) John et al. proposed the dynamic source routing protocol (DSR) [1] which is a routing protocol for use in multi-hop wireless ad hoc networks of mobile nodes. DSR is an ondemand protocol, in which route are only discovered when data need to be transmitted to a node where no route has yet been discovered. The advantage of this on-demand routing protocol is that there are not any periodic routing advertisement and reducing the routing overhead. DSR is also a source routing protocol, allowing multiple routes to any destination and allows each sender to select and control the routes used in routing the packets. DSR is composed of the two main mechanisms: Route Discovery and Route Maintenance which are explained below. Route Discovery Route Discovery aims at finding routes from a source node to destination. Figure 2-1 illustrates the procedure of Route Discovery. When a source node S wants to send a data packet to some destination node D, it first searches its route cache to find whether there is a route to D. If there is no route to D, then S will initiate a Route Discovery and send out Route Request message which is propagated to all the nodes within its transmission range. At the mean time, it saves the data packet in its send buffer. The Route Request message contains the addresses of source node and destination node, a unique route request identifier and a route record which records all the intermediate nodes that this route request packet has traveled through. S appends itself to the beginning of the route record when it initiates the message. When a node receives the Route Request message, it compares the destination address in the message with its own address to judge whether itself is the destination node. If it is not, it will append its own address in the route record and propagate the message to other nodes. If the node is the destination node, it will send a Route Reply message to the source node and the message contains the source route record which is accumulated when the Route Request message is forwarded along its way to the destination. When the destination sends the Route Reply, if it uses MAC protocols such as IEEE 802.11 that require a bidirectional link, it just reverse the source route record and use it as route to send Route Reply to the source node. Otherwise it should find the route by searching its route cache or sending out a Route Request which piggybacks the Route Reply for the source node. When the source node receives the Route Reply message, it puts the returned route into its route cache. From t hen on all the packets destined to the same destination will use this route until it is broken. Route Maintenance Since the ad hoc network is dynamic and the topology of the network changes frequently, the existing routes maintained by nodes in their route cache are often broken. After forwarding a packet, a node must attempt to confirm the reachability of the next-hop node. If the node does not receive any confirmation from the next hop during a certain period of time, it will retransmit the packet. If after a maximum number of retransmission it still does not receive any confirmation, it will think the link to the next hop is broken and will send a Route Error message to the source node. DSR proposes three acknowledge mechanisms to confirm that data can flow over the link from that node to the next hop: Link-layer acknowledgement which is provided by MAC layer protocol such as IEEE 802.11. Passive acknowledgement in which a node hears the next-hop node forwarding the packet and thus confirms the reachability of the link. Network-layer acknowledgement in which a node sends an explicit acknowledgement request to its next-hop node. Passive Acknowledgement Passive Acknowledgement (PACK) is important in DSR protocol because it is used to detect whether the next hop forwards the packet or drops it. We explain it in detail in this section. Passive acknowledgement is used with the assumption that: Network links operates bi- directionally. The network interface is in the promiscuous mode. When a node taps a new packet in promiscuous mode after it originates or forwards a packet, it consider it as an acknowledgement of the first packet if both of following check success. The Source Address, Destination Address, Protocol, Identification, and Fragment Offset fields in the IP header of the two packets MUST match. If either packet contains a DSR Source Route header, both packets MUST contain one, and the value in the Segments Left field in the DSR Source Route header of the new packet MUST be less than that in the first packet. If no matched packet is found during PACK timeout, the node will consider the link between the next hop and itself is broken and will send Route Error message to the source node. Additional features DSR has additional features such as replying to route requests using cached routes, caching overheard routing information, packet salvaging and flow state extension and etc. We will introduce them in section 4.1 and discuss how they will impact the performance of network, how they will interact with DSR and whether they will be enabled in our simulation. Performance Analysis Techniques This section introduces the performance analysis techniques and methodologies that will be used in the performance evaluation. Factors and Primary Factors There are many parameters that will influence the simulation results and need to be carefully chosen in the simulations. Some parameters are chosen based on experience values or the conditions of the network we want to simulate. Others need to be tuned to optimize the network performance. We distinguish the two kinds of parameters as follows: Factors are the variables that affect the simulation result and have several alternatives. Normally they are decided based on experience. Primary factors are the factors whose effects need to be quantified. This kind of factors usually needs to be adjusted through simulation. Data Measurement The key step of the network performance analysis is to interpret the simulation result and summarize the characteristic of the network. To avoid the inaccurate simulation results due to an extreme scenario, we usually run simulations on several different scenarios. The data set of these simulations are called sample. A single number must be presented to give the key characteristic of the sample and this single number is called an average of the data. There are three alternatives to summarize a sample Mean is obtained by taking the sum of all observations and dividing this sum by the number of observations in the sample. Median is obtained by sorting the observations in an increasing order and taking the observation that is in the middle of series. If the number of the observations is even, the mean of the middle two values is used as a median. Mode is obtained by plotting a histogram and specifying the midpoint of the bucket where the histogram peaks. Confidence Interval for the Mean In our performance evaluation, the main objective is to compare the simulation results of DSR and Standard DSR to see whether there is any performance improvement. However, most simulation results are random in some degree due to the particularity of the node movement scenarios and we cannot tell whether the two systems are different. One way to minimize the random effect is to repeat the simulations with different scenarios as many times as possible and get a large sample space. Unfortunately, due to the time limitation we cannot conduct many simulations. points out that using confidence interval we can tell whether the two systems are different with smaller sample space. The confidence interval for the mean can be calculated using If the confidence intervals of the simulation results of the two systems have no overlap, then we can claim the two systems are different and one system is superior or inferior to the other. GloMoSims source and binary code can be downloaded only by academic institutions for research purposes. Commercial users must use QualNet, the commercial version of GloMoSim. OPNET Modeler OPNET Modeler is commercial network simulation environment for network modeling and simulation. It allows the users to design and study communication networks, devices, protocols, and applications with flexibility and scalability [30]. It simulates the network graphically and its graphical editors mirror the structure of actual networks and network components. The users can design the network model visually.The modeler uses object-oriented modeling approach. The nodes and protocols are modeled as classes with inheritance and specialization. The development language is C. Comparison When choosing a network simulator, we normally consider the accuracy of the simulator. Unfortunately there is no conclusion on which of the above three simulator is the most accurate one. David Cavin et al. has conducted experiments to compare the accuracy of the simulators and it finds out that the results are barely comparable [31]. Furthermore, it warns that no standalone simulations can fit all the needs of the wireless developers. It is more realistic to consider a hybrid approach in which only the lowest layers (MAC and physical layers) and the mobility model are simulated and all the upper layers (from transport to application layers) are executed on a dedicated hosts (e.g. cluster of machines). Although there is no definite conclusion about the accuracy of the three network simulators, we have to choose one of them as our simulation environment. We compare the simulators using some metrics and the results are summarized After comparing the three simulators, we decide to choose ns2 as network simulator in our thesis because Ns2 is open source free software. It can be easily downloaded and installed. The author of the thesis has used ns2 in another network related course and gotten familiar with the simulation. Ns2 uses TCL and C++ as development languages for which the author has some programming experience. The author of the DSR protocol has conducted simulation on GloMoSim and gotten performance results. We want to do the simulation on a different simulation to form comparison. State of the Art In this chapter we will introduce the start of the art security solutions in MANET with emphasis on dynamic feedback mechanisms. Firstly, we will present the general security issues/requirements of MANET to pave the way for the future investigation. Then we will discuss the state of the art security mechanisms for MANET such as payment system,trust management system, reputation system, etc. Finally, we will summarize all the security solutions we discussed in this chapter. Security Issues in Mobile Ad Hoc Network Due to lack of central infrastructural and wireless links susceptible to attacks, security in ad hoc network has inherent weakness. In section 1.2 we have discussed the reasons why mobile ad hoc network imposes security challenges that cannot be solved by traditional security mechanisms. In this section, we present the general security properties required by ad hoc network. Following are general security properties regarding ad hoc network Confidentiality: The confdiantiality property is to protect certain information from unauthorized disclosure. The information includes not only the application data that send over the routing protocol, but also the routing information itself as well as network topology and geographical location. Integrity: The integrity ensures that the transmitted message and other system asset are modified only by authorized parties. In the routing level, it requires all nodes in the network following correct routing procedure. The main challenge of ensuring integrity is that without central infrastructure and powerful computing capabilities, it is difficult to apply existing cryptography and key management systems. Availability: The availability property requires that the services or devices are exempt from denial of service, which is normally done by interruption, network or server overload. Typical examples or denial of service attack are radio jamming, in which a misbehaved node transmit radio to interference other nodes communications, and battery exhaustion, in which a misbehaved node interact with a node for no other purpose than to consume its battery energy. Authentication: The authentication property requires that the communication entitys identification is recognized and proved before communication starts. Access control: This property requires restricting resources, services or data to special identities according to their access rights or group membership. Non-repudiation: This property ensures that when data are sent from sender to receiver, the sender cannot deny that he has sent the data and the receiver cannot deny that he has received the data. Mobile nodes may conduct different misbehavior for different purposes. Po-Wah Yau classifies the misbehaved nodes into following categories. Failed nodes are simply those unable to perform an operation; this could be because power failure and environmental events. Badly failed nodes exhibit features of failed nodes but they can also send false routing messages which are a threat to the integrity of the network. Selfish nodes are typified by their unwillingness to cooperate as the protocol requires whenever there is a personal cost involved. Packet dropping is the main attack by selfish nodes. Malicious nodes aim to deliberately disrupt the correct operation of the routing protocol, denying network service if possible. These four types of misbehaved nodes actually can be categorized in two aspects: whether their misbehaviors are intentional or unintentional, and the severity of the results. Payment Systems Payment systems provide economic incentives for the cooperation in MANET. They consider that each node in MANET is its own authority and tries to maximize the benefits it gets from the network. Thus each node tends to be selfish, dropping packets not destined to them but make use of other nodes to forward their own packets. The purpose of payment systems is to encourage the cooperation within the MANET by economic incentives. There are several variations of payment systems proposed. Nuglets Nuglets is a virtual currency mechanism for charging (rewarding) server usage (provision). Nodes that use a service must pay for it (in nuglets) to nodes that provide the service. A typical service is packet forwarding which is provided by intermediate nodes to the source and the destination of the packet. Therefore either the source or the destination should pay for it. There are two models for charging for the packet forwarding service: the Packet Purse Model (PPM) and the Packet Trade Model (PTM). In the Packet Purse Model, the sender pays for the packet. It loads the packet with a number of nuglets when sending the packet. Each intermediate forwarding node acquires some nuglets from the packet that covers its forwarding costs. If a packet does not have enough nuglets to be forwarded, then it is discarded. If there are nuglets left in the packet once it reaches destination, the nuglets are lost. In the Packet Trade Model, the destination pays for the packet. Each intermediate node buys the packet from previous one for some nuglets and sells it to the next one for more nuglets until the destination buys it. Either of the two models has advantages and disadvantages. While the Packet Purse Model deters nodes from sending useless data and avoids the network overloading, the Packet Trade Model can lead to an overload of the network and the destination receives packets it does not want. On the other hand, in the Packet Purse Model it is difficult to estimate the number of nuglets th at are required to reach a given destination. But thePacket Purse Model does not need to consider this problem. To take advantages of the two models and avoid the disadvantages, a hybrid model is suggested. In this model, the sender loads the packet with some nuglets before sending it.The packet is handled according to the Packet Purse Model until it runs out of nuglets. Then it is handled according to the Packet Trade Model until the destination buys it. Counter To address the problems encountered by the nuglets approach such as difficulty in estimating pre-load nuglets and possible network overload, another payment approach based on credit counter is suggested. In this approach, the current state of each node is described by two variables b and c, where b is the remaining battery power and cstands for the value of its nuglet counter. More precisely, b is the number of packets that the node can send using its remaining energy and c is the number of packets a node canoriginate. A node can originate a number of packets N only when the condition c=N holds. When a node forwards a packet, nuglet counter c is increased by one and b is reduced by one. Thus in order to originate packets, each node must earn credits by forwarding packets. The counter solution requires tamper resistant hardware security module. Spirit S. Zhong et al. proposed Sprite [19], a credit-based system for MANET. As opposed to Nuglets or Counter they do not require tamper-proof hardware to prevent the fabrication of payment units. Instead, they introduce a central Credit Clearance Service (CCS). The basic scheme of the system is as follows. When a node receives a message the node keeps a receipt of the message and reports to the CCS when the node has a fast connection to Credit Clearance Service (CCS). The CCS then determines the charge and credits to each node involved in the transmission of a message, depending on the reported receipts of a message. In this scheme, the sender charges money. A node that has forwarded a message is compensated, but the credit that a node receives depends on whether or not its forwarding action is successful. Forwarding is considered successful if and only if the next node on the path reports a valid receipt to the CCS. Discussion on the Payment Systems The payment systems we describe in above sections either assumes a tamper resistant hardware module is available to ensure that the behavior of the node is not modified or requires a central authority server to determine the charge and credit to each node involved in the transmission of a message. Tamper resistant hardware may not be appropriate for most mobile devices because it demands advanced hardware solution and increases the cost of the devices. Lacking of central authority server is right the inherent property of MANET that causes security challenges so it is also not appropriate. Furthermore, all the approaches described above suffer from locality problems [20] that nodes in different locations of the network will have different chances for earning virtualcurrency, which may not be fair for all nodes. Usually nodes at the periphery of the network will have less chance to be rewarded. Reputation System Reputation systems have emerged as a way to reduce the risk entailed in interactions among total strangers in electronic marketplace. Centralized reputation systems have been adopted by many on-line electronic auctions such as eBay to collect and store reputation ratings from feedback providers in a centralized reputation database. Decentralized reputation systems used by MANET, on the other hand, do not use centralized reputation database. Instead, in these reputation systems, each node keeps the ratings about other node and updating the ratings by direct observation of the behaviorsof neighboring nodes or second hand information from other trusted nodes. Identifies three goals for reputation systems: To provide information to distinguish between a trust-worthy principal and an untrustworthy principals. To encourage principals to act in a trustworthy manner To discourage untrustworthy principals from participating in the service the reputation mechanism is present to protect. Most of the reputation systems in MANET are based on trust management system. Trust is such a subjective and dynamic concept that different entities can hold different opinions on it even while facing the same situation. Trust management system can work without reputation system. For example, a mobile node can form opinion about other nodes by direct experience with the nodes.We can unify reputation system and trust management system to dynamic feedback mechanisms. Former one is a global reputation system and mobile nodes share their own experiences of interaction with other nodes. The later one is a local reputation system in which mobile nodes rating the trustability of other nodes based on its own observation. DSR DSR is a reputation system aiming at coping with misbehavior in MANET. The idea is to detect the misbehaved nodes and isolate them fromcommunication by not using them for routing and forwarding and by not allowing the misbehaved nodes to use itself to forward packets. DSR stands for Cooperation Of Nodes: Fairness In Dynamic Ad-hoc Network. It usually works as an extension to on demand routing Mobile Ad Hoc Networks (MANETs) Mobile Ad Hoc Networks (MANETs) Introduction What is Mobile Ad Hoc Network? With rapid development of wireless technology, the Mobile Ad Hoc Network (MANET) has emerged as a new type of wireless network. MANET is a collection of wireless mobile nodes (e.g. laptops) that dynamically function as a network without the use of any existing infrastructure and centralized administration. It is an autonomous system where each node operates not only as an end system but also as a router to forward packets for other nodes. Since the nodes in MANET move around, the wireless links break and re-establish frequently. Furthermore, most of mobile nodes are resource limited in computing capability and battery power and therefore traditional computing content routing protocols are not suitable for MANET. Several ad hoc routing protocols have been proposed for each node acting as router and maintaining routing information. There are many other applications of MANET. For examples, MANET can be used to provide emergency Services when the network is impaired due to the damaging of existing infrastructure [8]. Computer scientists have predicted a world of ubiquitous computing in which computers will be all around us, constantly performing mundane tasks to make our lives a little easier. These ubiquitous computers connect in mobile ad hoc mode and change the environment or react to the change of the environment where they are suited. MANET is also found useful in the so-called sensor dust network to coordinate the activities and reports of a large collection of tiny sensor devices which could offer detailed information about terrain or environmental dangerous conditions. Problem Statement and Motivation Most current ad hoc routing protocols assume that the wireless network is benign and every node in the network strictly follows the routing behavior and is willing to forward packets for other nodes. Most of these protocols cope well with the dynamically changing topology. However, they do not address the problems when misbehavior nodes present in the network.A commonly observed misbehavior is packet dropping. In a practical MANET, most devices have very limited computing and battery power while packet forwarding consumes a lot of such resources. Thus some of the mobile devices would not like to forward the packets for the benefit of others and they drop packets not destined to them. On the other hand, they still make use of other nodes to forward packets that they originate. These misbehaved nodes are very difficult to identify because we cannot tell that whether the packets are dropped intentionally by the misbehaved nodes or dropped due to the node having moved out of transmission range or other link error. Packet drop significantly decreases the network performance.Traditional security mechanisms are generally not suitable for MANET because: The network lacks central infrastructure to apply traditional security mechanism such as access control, authentication and trusted third party. Limited bandwidth, battery lifetime, and computation power prohibits the deployment of complex routing protocols or encryption algorithms. New security models or mechanisms suitable for MANET must be found. Network topologies and memberships are constantly changing. Thus new intrusion detection system and entity recognition mechanisms that are suitable for mobile ad hoc networks must be designed to avoid or mitigate the behavior to the networks. Trust management systems have been recently introduced as a security mechanism in MANET. In a trust management system, a communicating entity collects evidence regarding competence, honesty or security of other network participants with the purpose of making assessment or decisions regarding their trust relationships. Here trust Objective and Sub-tasks means the confidence of an entity on another entity based on the expectation that the other entity will perform a particular action important to the trustor, irrespective of the ability to monitor or control that other entity . For example, a trust-based routing protocol can collect the evidence of nodes misbehaving, form trust values of the nodes and select safest routes based on the trust metrics.Reputations systems are often seen as a derivation of trust management system. In the reputation system, an entity forms its trust on another entity based not only on the selfobserved evidence but also on the second hand information from third parties. One of the influential reputation systems is the DSR protocol. In the trust management system, reputation system and other trust-based systems, route selection is based on the sending nodes prior experience with other nodes in the network. Its opinions about how other entities are honest are constantly changing. Thus, we call the trust manag ement systems and their derivations as dynamic feedback mechanisms. The dynamic feedback mechanisms are usually applied on the current ad hoc routing protocols to rate the trust about other nodes in the network and make routing decisions based on the trust matrix, which is formed according to the evidence collected from previous interactions. By incorporating the dynamic feedback mechanism in the routing protocol, misbehaved nodes are identified and avoided to forward packets. In this way,misbehavior can be mitigated. Objective and Sub-tasks The primary objective of this thesis is to Investigate the state of the art of dynamic feedback mechanisms and protocols analyze, implement and evaluate DSR protocols to see how it improves the network performance and what are the side effects of introducing the mechanism to the mobile ad hoc network. Following tasks must be done to achieve the primary objective. Study the preliminary knowledge that is required to carry out the main tasks. For example, to understand DSR protocol one must have some knowledge of Bayesian analysis; to do performance analysis one must learn the methodologies of conducting performance analysis and processing simulation data. Investigate security issues of mobile ad hoc network and current dynamic feedback mechanisms or protocols that are used to solve or mitigate the issues. Investigate and learn how to use the network simulation tool. There are several popular network simulation tools available and we need to choose the one that best suits our needs. The selected network simulator should be studied so that we can use it as platform to implement protocol and conduct simulations. Analyze and implement the DSR protocol based on Dynamic Source Routing protocol (DSR); evaluate the network performance. Structure of the Report Since we have almost gone through the chapter one, we only briefly present the content of the subsequent chapters in this section. Preliminary Information State of the Art Analysis Design Implementation and Tests Performance Analysis Conclusion and Future Work Preliminary information we have introduced the MANET. This chapter presents other preliminary information and concepts that will be used in other parts of the thesis. Firstly four general modes of routing operations are introduced and compared. The DSR protocol, which is used as underlying routing protocol in the thesis, is explained in detail. Secondly Bayesian estimation and Beta function are explained to pave the way for the analysis of the reputation model of DSR in the chapter 4. Thirdly some techniques regarding simulation and performance analysis are presented. Finally, several popular network simulation tools are discussed and compared. Mobile Ad Hoc Network Routing Protocols Nowadays there are various routing protocols proposed for the MANET. The most popular ones are DSDV (Destination-Sequenced Distance Vector), TORA (Temporally- Ordered Routing Algorithm), DSR (Dynamic Source Routing) and AODV (Ad-hoc On Demand Distance Vector). These routing protocols can be categorized in different routing operation modes. Mode of Routing Operations These two modes concern whether or not nodes in an ad hoc network should keep track of routes to all possible destinations, or instead keep track of only those destinations of immediate interest Proactive protocols store route information even before it is needed. This kind of protocols has advantage that communications with arbitrary destination experience minimal delay. However it also suffers from the disadvantage that additional control traffic is needed to continually update stale route information. This could significantly increase routing overhead especially for the MANET where the links are often broken. Reactive protocols, on the contrary, acquire routing information only when it is actually needed. However, the latency of the communication increases tremendously especially when a node communicates to another at the first time. Source routing vs. Hop-by-hop routing These two modes concern whether the source node decides the route for a packet to be forwarded to the destination or the intermediate nodes are allowed to decide the next hop until the packet arrives at the destination. In the source routing protocols, the source node decides the route and puts the route information in the packet header. All the intermediate nodes forward the packet along the route faithfully. This kind of protocols has advantage that the intermediate nodes are not required to maintain the routing information. But it suffers from the disadvantage that the packet size grows because of source routing information carried in each packet. In the hop-by-hop routing protocols, it is sufficient for the source to know only how to get to the next hop and intermediate nodes find their own next-hops until the destination. In contrast to source routing protocols, hop-by-hop routing protocols do not increase packet size but they requires all the intermediate nodes to maintain rout ing information. Table 2-1 Categories of routing protocols has compared the performance of these four routing protocols . The results show that DSR has best throughput performance (above 95%) at all mobility rates and movement speeds. Thus we will use DSR as basic routing protocol in this thesis. The Dynamic Source Routing Protocol (DSR) John et al. proposed the dynamic source routing protocol (DSR) [1] which is a routing protocol for use in multi-hop wireless ad hoc networks of mobile nodes. DSR is an ondemand protocol, in which route are only discovered when data need to be transmitted to a node where no route has yet been discovered. The advantage of this on-demand routing protocol is that there are not any periodic routing advertisement and reducing the routing overhead. DSR is also a source routing protocol, allowing multiple routes to any destination and allows each sender to select and control the routes used in routing the packets. DSR is composed of the two main mechanisms: Route Discovery and Route Maintenance which are explained below. Route Discovery Route Discovery aims at finding routes from a source node to destination. Figure 2-1 illustrates the procedure of Route Discovery. When a source node S wants to send a data packet to some destination node D, it first searches its route cache to find whether there is a route to D. If there is no route to D, then S will initiate a Route Discovery and send out Route Request message which is propagated to all the nodes within its transmission range. At the mean time, it saves the data packet in its send buffer. The Route Request message contains the addresses of source node and destination node, a unique route request identifier and a route record which records all the intermediate nodes that this route request packet has traveled through. S appends itself to the beginning of the route record when it initiates the message. When a node receives the Route Request message, it compares the destination address in the message with its own address to judge whether itself is the destination node. If it is not, it will append its own address in the route record and propagate the message to other nodes. If the node is the destination node, it will send a Route Reply message to the source node and the message contains the source route record which is accumulated when the Route Request message is forwarded along its way to the destination. When the destination sends the Route Reply, if it uses MAC protocols such as IEEE 802.11 that require a bidirectional link, it just reverse the source route record and use it as route to send Route Reply to the source node. Otherwise it should find the route by searching its route cache or sending out a Route Request which piggybacks the Route Reply for the source node. When the source node receives the Route Reply message, it puts the returned route into its route cache. From t hen on all the packets destined to the same destination will use this route until it is broken. Route Maintenance Since the ad hoc network is dynamic and the topology of the network changes frequently, the existing routes maintained by nodes in their route cache are often broken. After forwarding a packet, a node must attempt to confirm the reachability of the next-hop node. If the node does not receive any confirmation from the next hop during a certain period of time, it will retransmit the packet. If after a maximum number of retransmission it still does not receive any confirmation, it will think the link to the next hop is broken and will send a Route Error message to the source node. DSR proposes three acknowledge mechanisms to confirm that data can flow over the link from that node to the next hop: Link-layer acknowledgement which is provided by MAC layer protocol such as IEEE 802.11. Passive acknowledgement in which a node hears the next-hop node forwarding the packet and thus confirms the reachability of the link. Network-layer acknowledgement in which a node sends an explicit acknowledgement request to its next-hop node. Passive Acknowledgement Passive Acknowledgement (PACK) is important in DSR protocol because it is used to detect whether the next hop forwards the packet or drops it. We explain it in detail in this section. Passive acknowledgement is used with the assumption that: Network links operates bi- directionally. The network interface is in the promiscuous mode. When a node taps a new packet in promiscuous mode after it originates or forwards a packet, it consider it as an acknowledgement of the first packet if both of following check success. The Source Address, Destination Address, Protocol, Identification, and Fragment Offset fields in the IP header of the two packets MUST match. If either packet contains a DSR Source Route header, both packets MUST contain one, and the value in the Segments Left field in the DSR Source Route header of the new packet MUST be less than that in the first packet. If no matched packet is found during PACK timeout, the node will consider the link between the next hop and itself is broken and will send Route Error message to the source node. Additional features DSR has additional features such as replying to route requests using cached routes, caching overheard routing information, packet salvaging and flow state extension and etc. We will introduce them in section 4.1 and discuss how they will impact the performance of network, how they will interact with DSR and whether they will be enabled in our simulation. Performance Analysis Techniques This section introduces the performance analysis techniques and methodologies that will be used in the performance evaluation. Factors and Primary Factors There are many parameters that will influence the simulation results and need to be carefully chosen in the simulations. Some parameters are chosen based on experience values or the conditions of the network we want to simulate. Others need to be tuned to optimize the network performance. We distinguish the two kinds of parameters as follows: Factors are the variables that affect the simulation result and have several alternatives. Normally they are decided based on experience. Primary factors are the factors whose effects need to be quantified. This kind of factors usually needs to be adjusted through simulation. Data Measurement The key step of the network performance analysis is to interpret the simulation result and summarize the characteristic of the network. To avoid the inaccurate simulation results due to an extreme scenario, we usually run simulations on several different scenarios. The data set of these simulations are called sample. A single number must be presented to give the key characteristic of the sample and this single number is called an average of the data. There are three alternatives to summarize a sample Mean is obtained by taking the sum of all observations and dividing this sum by the number of observations in the sample. Median is obtained by sorting the observations in an increasing order and taking the observation that is in the middle of series. If the number of the observations is even, the mean of the middle two values is used as a median. Mode is obtained by plotting a histogram and specifying the midpoint of the bucket where the histogram peaks. Confidence Interval for the Mean In our performance evaluation, the main objective is to compare the simulation results of DSR and Standard DSR to see whether there is any performance improvement. However, most simulation results are random in some degree due to the particularity of the node movement scenarios and we cannot tell whether the two systems are different. One way to minimize the random effect is to repeat the simulations with different scenarios as many times as possible and get a large sample space. Unfortunately, due to the time limitation we cannot conduct many simulations. points out that using confidence interval we can tell whether the two systems are different with smaller sample space. The confidence interval for the mean can be calculated using If the confidence intervals of the simulation results of the two systems have no overlap, then we can claim the two systems are different and one system is superior or inferior to the other. GloMoSims source and binary code can be downloaded only by academic institutions for research purposes. Commercial users must use QualNet, the commercial version of GloMoSim. OPNET Modeler OPNET Modeler is commercial network simulation environment for network modeling and simulation. It allows the users to design and study communication networks, devices, protocols, and applications with flexibility and scalability [30]. It simulates the network graphically and its graphical editors mirror the structure of actual networks and network components. The users can design the network model visually.The modeler uses object-oriented modeling approach. The nodes and protocols are modeled as classes with inheritance and specialization. The development language is C. Comparison When choosing a network simulator, we normally consider the accuracy of the simulator. Unfortunately there is no conclusion on which of the above three simulator is the most accurate one. David Cavin et al. has conducted experiments to compare the accuracy of the simulators and it finds out that the results are barely comparable [31]. Furthermore, it warns that no standalone simulations can fit all the needs of the wireless developers. It is more realistic to consider a hybrid approach in which only the lowest layers (MAC and physical layers) and the mobility model are simulated and all the upper layers (from transport to application layers) are executed on a dedicated hosts (e.g. cluster of machines). Although there is no definite conclusion about the accuracy of the three network simulators, we have to choose one of them as our simulation environment. We compare the simulators using some metrics and the results are summarized After comparing the three simulators, we decide to choose ns2 as network simulator in our thesis because Ns2 is open source free software. It can be easily downloaded and installed. The author of the thesis has used ns2 in another network related course and gotten familiar with the simulation. Ns2 uses TCL and C++ as development languages for which the author has some programming experience. The author of the DSR protocol has conducted simulation on GloMoSim and gotten performance results. We want to do the simulation on a different simulation to form comparison. State of the Art In this chapter we will introduce the start of the art security solutions in MANET with emphasis on dynamic feedback mechanisms. Firstly, we will present the general security issues/requirements of MANET to pave the way for the future investigation. Then we will discuss the state of the art security mechanisms for MANET such as payment system,trust management system, reputation system, etc. Finally, we will summarize all the security solutions we discussed in this chapter. Security Issues in Mobile Ad Hoc Network Due to lack of central infrastructural and wireless links susceptible to attacks, security in ad hoc network has inherent weakness. In section 1.2 we have discussed the reasons why mobile ad hoc network imposes security challenges that cannot be solved by traditional security mechanisms. In this section, we present the general security properties required by ad hoc network. Following are general security properties regarding ad hoc network Confidentiality: The confdiantiality property is to protect certain information from unauthorized disclosure. The information includes not only the application data that send over the routing protocol, but also the routing information itself as well as network topology and geographical location. Integrity: The integrity ensures that the transmitted message and other system asset are modified only by authorized parties. In the routing level, it requires all nodes in the network following correct routing procedure. The main challenge of ensuring integrity is that without central infrastructure and powerful computing capabilities, it is difficult to apply existing cryptography and key management systems. Availability: The availability property requires that the services or devices are exempt from denial of service, which is normally done by interruption, network or server overload. Typical examples or denial of service attack are radio jamming, in which a misbehaved node transmit radio to interference other nodes communications, and battery exhaustion, in which a misbehaved node interact with a node for no other purpose than to consume its battery energy. Authentication: The authentication property requires that the communication entitys identification is recognized and proved before communication starts. Access control: This property requires restricting resources, services or data to special identities according to their access rights or group membership. Non-repudiation: This property ensures that when data are sent from sender to receiver, the sender cannot deny that he has sent the data and the receiver cannot deny that he has received the data. Mobile nodes may conduct different misbehavior for different purposes. Po-Wah Yau classifies the misbehaved nodes into following categories. Failed nodes are simply those unable to perform an operation; this could be because power failure and environmental events. Badly failed nodes exhibit features of failed nodes but they can also send false routing messages which are a threat to the integrity of the network. Selfish nodes are typified by their unwillingness to cooperate as the protocol requires whenever there is a personal cost involved. Packet dropping is the main attack by selfish nodes. Malicious nodes aim to deliberately disrupt the correct operation of the routing protocol, denying network service if possible. These four types of misbehaved nodes actually can be categorized in two aspects: whether their misbehaviors are intentional or unintentional, and the severity of the results. Payment Systems Payment systems provide economic incentives for the cooperation in MANET. They consider that each node in MANET is its own authority and tries to maximize the benefits it gets from the network. Thus each node tends to be selfish, dropping packets not destined to them but make use of other nodes to forward their own packets. The purpose of payment systems is to encourage the cooperation within the MANET by economic incentives. There are several variations of payment systems proposed. Nuglets Nuglets is a virtual currency mechanism for charging (rewarding) server usage (provision). Nodes that use a service must pay for it (in nuglets) to nodes that provide the service. A typical service is packet forwarding which is provided by intermediate nodes to the source and the destination of the packet. Therefore either the source or the destination should pay for it. There are two models for charging for the packet forwarding service: the Packet Purse Model (PPM) and the Packet Trade Model (PTM). In the Packet Purse Model, the sender pays for the packet. It loads the packet with a number of nuglets when sending the packet. Each intermediate forwarding node acquires some nuglets from the packet that covers its forwarding costs. If a packet does not have enough nuglets to be forwarded, then it is discarded. If there are nuglets left in the packet once it reaches destination, the nuglets are lost. In the Packet Trade Model, the destination pays for the packet. Each intermediate node buys the packet from previous one for some nuglets and sells it to the next one for more nuglets until the destination buys it. Either of the two models has advantages and disadvantages. While the Packet Purse Model deters nodes from sending useless data and avoids the network overloading, the Packet Trade Model can lead to an overload of the network and the destination receives packets it does not want. On the other hand, in the Packet Purse Model it is difficult to estimate the number of nuglets th at are required to reach a given destination. But thePacket Purse Model does not need to consider this problem. To take advantages of the two models and avoid the disadvantages, a hybrid model is suggested. In this model, the sender loads the packet with some nuglets before sending it.The packet is handled according to the Packet Purse Model until it runs out of nuglets. Then it is handled according to the Packet Trade Model until the destination buys it. Counter To address the problems encountered by the nuglets approach such as difficulty in estimating pre-load nuglets and possible network overload, another payment approach based on credit counter is suggested. In this approach, the current state of each node is described by two variables b and c, where b is the remaining battery power and cstands for the value of its nuglet counter. More precisely, b is the number of packets that the node can send using its remaining energy and c is the number of packets a node canoriginate. A node can originate a number of packets N only when the condition c=N holds. When a node forwards a packet, nuglet counter c is increased by one and b is reduced by one. Thus in order to originate packets, each node must earn credits by forwarding packets. The counter solution requires tamper resistant hardware security module. Spirit S. Zhong et al. proposed Sprite [19], a credit-based system for MANET. As opposed to Nuglets or Counter they do not require tamper-proof hardware to prevent the fabrication of payment units. Instead, they introduce a central Credit Clearance Service (CCS). The basic scheme of the system is as follows. When a node receives a message the node keeps a receipt of the message and reports to the CCS when the node has a fast connection to Credit Clearance Service (CCS). The CCS then determines the charge and credits to each node involved in the transmission of a message, depending on the reported receipts of a message. In this scheme, the sender charges money. A node that has forwarded a message is compensated, but the credit that a node receives depends on whether or not its forwarding action is successful. Forwarding is considered successful if and only if the next node on the path reports a valid receipt to the CCS. Discussion on the Payment Systems The payment systems we describe in above sections either assumes a tamper resistant hardware module is available to ensure that the behavior of the node is not modified or requires a central authority server to determine the charge and credit to each node involved in the transmission of a message. Tamper resistant hardware may not be appropriate for most mobile devices because it demands advanced hardware solution and increases the cost of the devices. Lacking of central authority server is right the inherent property of MANET that causes security challenges so it is also not appropriate. Furthermore, all the approaches described above suffer from locality problems [20] that nodes in different locations of the network will have different chances for earning virtualcurrency, which may not be fair for all nodes. Usually nodes at the periphery of the network will have less chance to be rewarded. Reputation System Reputation systems have emerged as a way to reduce the risk entailed in interactions among total strangers in electronic marketplace. Centralized reputation systems have been adopted by many on-line electronic auctions such as eBay to collect and store reputation ratings from feedback providers in a centralized reputation database. Decentralized reputation systems used by MANET, on the other hand, do not use centralized reputation database. Instead, in these reputation systems, each node keeps the ratings about other node and updating the ratings by direct observation of the behaviorsof neighboring nodes or second hand information from other trusted nodes. Identifies three goals for reputation systems: To provide information to distinguish between a trust-worthy principal and an untrustworthy principals. To encourage principals to act in a trustworthy manner To discourage untrustworthy principals from participating in the service the reputation mechanism is present to protect. Most of the reputation systems in MANET are based on trust management system. Trust is such a subjective and dynamic concept that different entities can hold different opinions on it even while facing the same situation. Trust management system can work without reputation system. For example, a mobile node can form opinion about other nodes by direct experience with the nodes.We can unify reputation system and trust management system to dynamic feedback mechanisms. Former one is a global reputation system and mobile nodes share their own experiences of interaction with other nodes. The later one is a local reputation system in which mobile nodes rating the trustability of other nodes based on its own observation. DSR DSR is a reputation system aiming at coping with misbehavior in MANET. The idea is to detect the misbehaved nodes and isolate them fromcommunication by not using them for routing and forwarding and by not allowing the misbehaved nodes to use itself to forward packets. DSR stands for Cooperation Of Nodes: Fairness In Dynamic Ad-hoc Network. It usually works as an extension to on demand routing