Simulation of the Performance Metrics for Securing DSDV Routing Protocol Based on Trusted Environments

To organize the network efficiently, minimize the risk of illegal nodes, and safeguard protected information, a security mechanism is required to secure communication. A security mechanism is also required to ensure that received information has not been tampered with. In this paper, a more efficient mechanism for Securing the Destination Sequenced Distance Vector Routing Protocol (SDSDV) is proposed. This paper comprehensively investigates the performance impact of varying the number of maximum connections and the mobility when securing an ad hoc network that uses the Destination Sequenced Distance Vector (DSDV) routing protocol. From the simulation results, we explore the causes of performance degradation. Based on the investigation, we indicate that restrictions must be imposed on the maximum connections to achieve the expected performance. These results also reveal that the performance decreases with increasing mobility and with a number of maximum connections that is not equal to 60. To obtain the optimal performance, the number of nodes in a network should be constrained to 60 if the maximum connections are 60.


Introduction
An ad hoc network is a network with a dynamic topology that may change randomly and rapidly at unpredictable times. Because channels are vulnerable, the possibility of denial-of-service attacks increases due to the physical security threats in mobile wireless networks. The significant objective of ad hoc networks is to provide robust communication in a variety of environments. When a malicious node hijacks the network bandwidth by frequently generating unnecessary route requests, the network resources become unavailable to other nodes or non-existent nodes, and the network no longer operates correctly or crashes. In mobile ad hoc networks, the system performance relies on cooperative routing. However, a selfish node [1][2][3][4][5] is defined as one that forwards only the control packets, to gain routing information about the network, and refuses to forward data packets. The issue of selfish nodes is beyond the scope of this work. Hence, all nodes in the DSDV routing protocol are assumed to be trustworthy and cooperative here. Since any attacker can simply look at the contents of a packet, an effectual algorithm and secret keys are two fundamental components of a cryptographic system. Specifically, a secret key should not be easy to find and decrypt. One of the primary challenges in cryptography is how to implement the cryptography in wireless mobile networks. In general, a secret-key algorithm is often used to protect the actual data. Decrypting a public-key encryption algorithm is more difficult because of the key pair: one key is used by the sender (private key) and one key is used by the receiver (public key). Even if we know the public key of the peer, it is extremely difficult to figure out its private key unless the key negotiation transaction is eavesdropped. However, mobility transparency is an essential requirement in mobile wireless systems to provide seamless mobility in any heterogeneous network.
This paper first depicts the design considerations, and the literature survey is given in section 2. The implementation of security in our proposed MDSDV routing protocol is described in section 3, to enhance the security properties of the existing routing protocol. We present the system performance due to mobility and maximum connections in section 4, where the simulation results and detailed discussions are also given. Finally, we draw our conclusions in section 5.

Literature Survey
To safeguard protected information and ensure that the received information has not been tampered with, secure efficient distance vector (SEAD) has been proposed in [6][7] based on trusted environments. This protocol uses a one-way hash function to prevent a malicious node from modifying the sequence number or cost metric of an advertised route, and does not use asymmetric cryptographic operations, to guard against denial-of-service attacks. SDSDV [8] protects all messages by combining them with message authentication using pairwise shared keys. The message authentication code of a message is sent immediately after transmission of the message is finished. No node in a SEAD network can successfully re-advertise a route with a distance shorter than 2. It also cannot prevent a malicious node from advertising a distance of 2 or longer. SDSDV also incurs a more significant network overhead than DSDV because it has to check the consistency of an updated route as the sequence number, distance, or next hop persistently change [8]. Balancing the robustness of security against system performance, we are willing to accept a similar security risk in exchange for as significant an enhancement of system performance as possible. Since any attacker can simply look at the contents of a packet, an effectual algorithm and secret keys are two fundamental components of a cryptographic system. Specifically, a secret key should not be easy to find and decrypt. Mobility transparency is an essential requirement in mobile wireless systems to provide seamless mobility in any heterogeneous network. Therefore, we modify the algorithm of SDSDV routing [8,9] using encryption with a pairwise shared secret key [10][11][12][13][14], to achieve performance as close as possible to that of the original DSDV routing protocol.

MSDSDV Routing Protocol
In DSDV, each mobile node maintains a complete routing table containing routing information to every node in the network. The routing information includes all available destinations, the metric and next hop to each destination, and a sequence number generated by the destination node. Each node attempts to update the routing table periodically, or when significant new routing information becomes available, to maintain the consistency of the routing table with the dynamically changing topology of the ad hoc network. The sequence numbers and metric values contained in each update play a vital role in DSDV operation. However, a malicious node can easily disrupt the routing protocol by arbitrarily tampering with the sequence numbers or the metrics. To enhance the robustness of the DSDV routing protocol, we review the security mechanism of SDSDV and characterize our MSDSDV (modified SDSDV) security mechanism in this section. Providing a more realistic application in a mobile wireless ad hoc network is not an easy task. SDSDV [8,9], based on the regular DSDV protocol, is designed particularly for wireless ad hoc networks. In order to establish a multi-hop route, SDSDV provides voluminous information. For this reason, a hijacker can analyze the network topology to perform a denial-of-service attack focusing on some critical nodes. Therefore, we modify the concept of SDSDV and implement it on a practical wireless mobile ad hoc system based on realistic security roaming. The major goal of our proposed SDSDV, denoted as MSDSDV, is to protect the sequence numbers and metrics in each entry of an update from being arbitrarily changed. To achieve this goal, a hash chain is implemented to prevent arbitrary tampering. We also adopt an authentication tag in the transmitted route to verify the integrity and authenticity of the transmitted information.
The authentication tag is a function of the node's identification (such as sequence number and cost metric) and the pairwise shared secret key. Authentication tag is Therefore, we can replace the notation in SDSDV routing protocol by the notation denotes that a plaintext X is encrypted by the pairwise shared secret key $K_{i,j}$ which node $v_i$ shares with node $v_j \in V$, $j \neq i$. The symbol | represents concatenation of the information. However, unlike in the SDSDV routing protocol, $K_{i,j}$ is transmitted only at the phases of routing discovery and route update, and is not sent combined with the message to node $v_j$, to avoid the same-distance fraud attack and prevent arbitrary tampering. We assume that some mechanism is available for a node to deploy the authentication protocols and the authentic elements from its generated hash chains. Let the notation $D_{K_{i,j}}[X]$ represent the decrypting procedure of received message X using $K_{i,j}$. Therefore, when a neighbour node receives the forwarded packet, Equation (1) is used to authenticate the adjacent node by computing the received sequence number and metric, which are received from the neighbour. Since the security algorithm is designed for the protection of the network infrastructure, the packet is discarded and no action is executed if the constrained condition is mismatched. Otherwise, the receiving node encrypts its own routing table with the pairwise shared secret key related to the next hop if one of the following conditions is satisfied.
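The receiver-side check described above, as an added example that is not code from the paper: each update entry carries a hash chain element bound to (sequence number, metric) plus a tag keyed with the pairwise key, and is discarded when either check fails. Assumptions: HMAC-SHA256 stands in for the paper's tag, whose formula is not reproduced here; the chain layout follows the SEAD scheme of [6][7]; M, N, the keys and all function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

M = 8    # assumed bound on network diameter: valid metrics are 0..M-1
N = 64   # hash chain length, a multiple of M (N // M usable sequence numbers)

def h(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def make_chain(seed: bytes) -> list:
    chain = [seed]
    for _ in range(N):
        chain.append(h(chain[-1]))
    return chain  # chain[i] = h(chain[i-1]); chain[N] is the public anchor

def chain_index(seq: int, metric: int) -> int:
    # SEAD layout: sequence number seq owns group N/M - seq; the metric picks the slot.
    return (N // M - seq) * M + metric

def tag(key: bytes, dest: bytes, seq: int, metric: int, elem: bytes) -> bytes:
    # Stand-in tag (HMAC-SHA256) over dest | seq | metric | elem under pairwise key K_ij.
    msg = struct.pack("!H", len(dest)) + dest + struct.pack("!IB", seq, metric) + elem
    return hmac.new(key, msg, hashlib.sha256).digest()

def advertise(key: bytes, dest: bytes, seq: int, metric: int, elem: bytes) -> dict:
    return dict(dest=dest, seq=seq, metric=metric, elem=elem, tag=tag(key, dest, seq, metric, elem))

def forward(key_next: bytes, e: dict) -> dict:
    """Honest relay: metric + 1, one more hash, re-tagged for the next hop."""
    return advertise(key_next, e["dest"], e["seq"], e["metric"] + 1, h(e["elem"]))

def accept(key: bytes, anchor: bytes, e: dict) -> bool:
    """Receiver check: discard on bad range, bad tag, or element not reaching the anchor."""
    if not (1 <= e["seq"] <= N // M and 0 <= e["metric"] < M):
        return False
    expected = tag(key, e["dest"], e["seq"], e["metric"], e["elem"])
    if not hmac.compare_digest(e["tag"], expected):
        return False
    value = e["elem"]
    for _ in range(N - chain_index(e["seq"], e["metric"])):
        value = h(value)
    return hmac.compare_digest(value, anchor)

# Constructed sample: destination D advertises itself to A, and A relays to B.
CHAIN = make_chain(b"constructed-seed-for-D")
K_DA, K_AB = b"constructed-key-D-A", b"constructed-key-A-B"
FROM_D = advertise(K_DA, b"D", 3, 0, CHAIN[chain_index(3, 0)])
FROM_A = forward(K_AB, FROM_D)
```

The chain only bounds the metric from below: a node holding the pairwise key cannot claim a lower metric or a newer sequence number, but an entry re-sent with the same metric and the same chain element still verifies, which is the same-distance case the text mentions.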

Simulation and Environment and Parameters
To comprehensively measure the performance of DSDV, SDSDV, and MSDSDV, the impact of the performance metrics must be evaluated. When a node is out of communication range of its neighbour, a transmitted packet will be dropped. Therefore, the packet delivery fraction, defined as the fraction of the data packets generated by the source node that are successfully delivered to the final destination node along the discovered routes, can be used to evaluate the ability of the protocol to discover routes and to reflect the maximum throughput that the network can support. The simulation was done with the ns2 simulator [15]. First, we assume that no means can be used to obtain the spatial information of nodes with respect to other nodes in this network. Each node is initially placed at a random location and moves according to the random waypoint mobility model. The moving speed ranges from 5 to 25 m/s. The destination node in the simulation environment is randomly chosen by each node at the beginning of the simulation. When a node reaches its pre-selected location, we assume that it stays for a period of time (assumed to be zero here), then chooses a new location at random and moves with a randomly and uniformly chosen velocity. This process of pausing and selecting a new destination to move to is repeated. In order to address mobile limitations in IEEE 802.11 networks, the physical channel bit rate is set to 2 Mbps with CBR traffic for IEEE 802.11 DCF, and the nominal radio communication range is 250 m, to satisfy the requirement of this standard. The application data payload size is 512 bytes for each packet. The number of active stations that have data to send, denoted as nn, is varied from 30 to 90 in our simulated scenario. The number of maximum connections, denoted as mc, is varied from 20 to 80 in our simulated scenario.
For the routing zone radius in our simulation, the nodes are assumed to be uniformly distributed in a 600 m * 600 m two-dimensional square space. The simulation time is set to 1000 seconds to stabilize the simulation results. All the mobile nodes are assumed to be in communication range and to move with the same constant speed. Maximum connections, packet delivery fraction, mobility, and mean delay metrics are used to evaluate the security protocol. For each comparison, we change only one parameter and keep the others unchanged, to isolate the effect of the changed parameter as much as possible. The first comparison is made by altering the value of mc. Each connection is specified as a randomly selected source-destination pair. Figure 1 and Figure 2 show the packet delivery ratio versus maximum connections for the DSDV, SDSDV, and MDSDV routing protocols with the number of nodes being 30 and 40, respectively. From all of these figures, we see that the packet delivery fraction gets worse when mc increases. The packet delivery fraction does not have much impact on the performance between DSDV routing protocol and DSDV routing protocol. But MDSDV has better performance than SDSDV. We also see that increasing the number of active stations decreases the packet delivery fraction, which means that the ratio of dropped packets increases. However, the position at mc=60 seems to be worthy of discussion. Increasing the value of mc for each node means that each node nearly has more direct links to all others in the network. Two or more packets transmitted on the same link at the same time are considered collided packets. Therefore, the packet delivery ratio decreases because the probability of packet collisions increases.
To confirm in advance that our inference about the distinctive characteristic of mc for each routing protocol is correct, we illustrate the simulation result with the example of MDSDV. The second comparison is made by varying the value of nn. In a mobile network, we allow a mobile node to roam within the specific network. Therefore, the moving speed of nodes and the number of connections should be considered when evaluating the performance of the MDSDV routing protocol and comparing it with the DSDV and SDSDV routing protocols. From Figure 3, we can infer no obvious change in the throughput performance among the DSDV, SDSDV, and MDSDV routing protocols for each moving speed. However, under the same traffic loads, we see that an increase in node mobility increases the number of network topology updates and results in degraded network performance. We also examined the dependence of the delay on each routing protocol at various maximum connections and mobility. We plot the average packet delay incurred by these three securing routing protocols at speed = 5 m/s and speed = 20 m/s based on mc = 20, respectively. From Figure 4, we see that the MDSDV routing protocol offers a lower average delay than SDSDV. Higher system processing loads are incurred because every node spends extra time on the encryption and decryption mechanism. An extra route maintenance delay is incurred when the mobility increases. These protocols suffer from a higher average delay resulting from both a higher probability of having to repair broken links and the time to report link failure if these broken links cannot be repaired.

Figure 3. The performance impact of mobility.

When nodes move in or out of range of each other, they first try to communicate with other nodes to maintain the connectivity information related to the changing topology. If possible connections are not found, the host will attempt to discover a new connection for the destination.
In this section, we plot the routing overhead incurred by these three securing routing protocols at speed = 5 m/s and speed = 20 m/s based on mc = 20, respectively. Figure 5 illustrates that the mobility seems not to be affected by the routing overhead at the same moving speed (mobility) among these three routing protocols. The reason is that periodic updates are executed. However, the performance of MDSDV is better than that of SDSDV. In addition, when the mobility increases, unnecessary route reconstructions (i.e., to discover and maintain the communication paths) can be caused by frequent periodic and triggered updates.
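The packet delivery fraction and mean delay defined in this section, computed from a simulator trace, as an added example (not the authors' evaluation scripts). It assumes the old-format ns-2 wireless trace layout (event, time, node, layer, flags, packet id, type, size) and that DSDV updates are logged with packet type "message"; the trace lines and the function name are constructed.

```python
def trace_metrics(lines, data_type="cbr", routing_type="message"):
    """Return (packet delivery fraction, mean delay in seconds, routing packets sent)."""
    sent, received, routing = {}, {}, 0
    for line in lines:
        f = line.split()
        if len(f) < 8 or f[0] not in ("s", "r", "f"):
            continue  # drops ("D") and malformed lines carry no send/receive time
        try:
            event, t, layer, pkt_id, ptype = f[0], float(f[1]), f[3], f[5], f[6]
        except ValueError:
            continue
        if layer == "AGT" and ptype == data_type:
            # Application-layer send at the source, receive at the final destination.
            if event == "s":
                sent.setdefault(pkt_id, t)
            elif event == "r" and pkt_id in sent:
                received.setdefault(pkt_id, t)
        elif layer == "RTR" and ptype == routing_type and event in ("s", "f"):
            routing += 1  # every routing-layer transmission counts as overhead
    delays = [received[p] - sent[p] for p in received]
    pdf = len(received) / len(sent) if sent else 0.0
    mean_delay = sum(delays) / len(delays) if delays else 0.0
    return pdf, mean_delay, routing

# Constructed trace: four CBR packets sent, three delivered, one dropped for lack
# of a route, and two routing updates broadcast.
SAMPLE = """\
s 0.500000000 _1_ RTR  --- 1 message 32 [0 ffffffff 1 800] ------- [1:255 -1:255 32 0]
s 1.000000000 _0_ AGT  --- 0 cbr 512 [0 0 0 0] ------- [0:0 3:0 32 0] [0] 0 0
r 1.010000000 _3_ AGT  --- 0 cbr 532 [13a 3 2 800] ------- [0:0 3:0 30 3] [0] 2 0
s 2.000000000 _0_ AGT  --- 2 cbr 512 [0 0 0 0] ------- [0:0 3:0 32 0] [1] 0 0
r 2.020000000 _3_ AGT  --- 2 cbr 532 [13a 3 2 800] ------- [0:0 3:0 30 3] [1] 2 0
s 2.500000000 _2_ RTR  --- 3 message 32 [0 ffffffff 2 800] ------- [2:255 -1:255 32 0]
s 3.000000000 _0_ AGT  --- 4 cbr 512 [0 0 0 0] ------- [0:0 3:0 32 0] [2] 0 0
r 3.030000000 _3_ AGT  --- 4 cbr 532 [13a 3 2 800] ------- [0:0 3:0 30 3] [2] 2 0
s 4.000000000 _0_ AGT  --- 5 cbr 512 [0 0 0 0] ------- [0:0 3:0 32 0] [3] 0 0
D 4.005000000 _2_ RTR  NRTE 5 cbr 532 [13a 2 0 800] ------- [0:0 3:0 31 0] [3] 1 0
""".splitlines()
```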

Conclusions
In this paper, the vulnerabilities of the DSDV and SDSDV routing protocols have been extensively studied. The solution has been carried out based on our proposed MDSD routing protocol in order to prevent attacks. Our proposed routing protocol does not require any additional security functionality to obtain enhanced performance. Our analysis results indicate that network performance obviously degrades as more maximum connections are required. However, the packet delivery fraction is independent of the use of the DSDV, SDSDV, and MDSDV routing protocols at a fixed mobility. Suitable parameter selection obviously enhances the performance of the network. For the mobility, we observe that the packet delivery fraction varies significantly in environments with mobility and nodes. In addition, reducing the number of maximum connections obviously enhances the system performance of a network.