MOBILE COMPUTING

UNIT V Recommended Books:

1. 2.

J. Schiller, Mobile Communications, Addison Wesley Charles Perkins, Ad-hoc Networks, Addison Wesley.

UNIT- V MOBILE COMPUTING

Motivation for Ad-hoc Networks

Mobile hosts such as notebook computers featuring powerful CPUs, large main memories and disk space, multimedia capabilities and colour displays are now quite common in everyday business and personal life. At the same time network connectivity options for use with mobile hosts have increased dramatically, including support for a growing number of wireless networking products based on radio and infrared. Natural desire and ability to share information between mobile users:
Employees in a conference room Friends in an airport terminal Search and rescue teams Military data acquisition operations in hospitable terrain
UNIT- V MOBILE COMPUTING 2

Ad-hoc Networks
A collection of wireless mobile hosts dynamically forming a temporary network without the use of any existing network infrastructure or centralized administration. Due to the limited transmission range of wireless network interfaces, multiple network hops may be needed for one node to exchange data with another across the network. Need a dynamic routing protocol that can efficiently find routes between two nodes.
UNIT- V MOBILE COMPUTING 3

Ad-hoc Routing

Source

Destination

UNIT- V MOBILE COMPUTING

Ad-hoc Routing Challenges

Correct and efficient route establishment between a pair of nodes so that messages may be delivered in a timely manner. Keep up with high degree of node mobility. Conserve power- power aware routing(Battery constraints) Wireless medium challenges:
Links may not be bi-directional High error rates (Hidden Terminal Problem) Redundant paths Limited BW Multicast Limited wireless transmission range

Broadcast nature of the wireless medium

Hidden terminal problem

Packet losses due to transmission errors Mobility-induced route changes Mobility-induced packet losses Potentially frequent network partitions Ease of snooping on wireless transmissions (security hazard)
UNIT- V MOBILE COMPUTING 5

Ad-hoc routing protocols history

DARPA (Defence Advanced Research Projects) packet radio networks in early 1970s was the first attempt. Since then numerous protocols have been developed:
Table-driven
Attempt to maintain consistent up-to-date routing information from each node to every other node in the network. DSDV, CGSR, WRP Substantial traffic and power consumption caused by periodic updates but routes are always available.

Source-initiated On-Demand
When a node requires a route to destination it initiates a route discovery process within the network. AODV, DSR, TORA, ABR, SSR

MANET (Mobile ad hoc networking) has been formed within the IETF (Internet Engineering Task Force) to develop a routing framework for IP-based protocols in ad hoc networks.
UNIT- V MOBILE COMPUTING 6

The characteristics of Ad-hoc Network

Self-creating not rely on a preexisting fixed infrastructure Self-organizing no predetermined topology Self-administering no central control creating a network on the fly Infrastructure less No fixed routers Highly mobile Changing topology
UNIT- V MOBILE COMPUTING 7

The characteristics of Ad-hoc Network

Link instability Resource poor Limited energy resources Limited wireless transmission range Broadcast nature of the wireless medium Hidden terminal problem Packet losses due to transmission errors Mobility-induced route changes Mobility-induced packet losses Battery constraints Potentially frequent network partitions Ease of snooping on wireless transmissions (security hazard)
UNIT- V MOBILE COMPUTING 8

Advantages / Disadvantages Of Ad-hoc Network

Advantages: Can be created and used any time, anywhere No preexisting fixed infrastructure is prerequisite Intrinsically fault-resilient No fixed topology Disadvantages: Energy-constrained nodes Bandwidth-constrained, variable-capacity wireless links Dynamic topology
UNIT- V MOBILE COMPUTING 9

Application for Ad-Hoc Network

Military operations communication in a hostile environment disaster recovery, as well as search and rescue (Emergency operations) rapid deployment of a communication network where infrastructures dont exist or have been damaged Sporadic happenings coverage Civilian environments taxi cab network meeting rooms sports stadiums boats, small aircraft policing and fire fighting
UNIT- V MOBILE COMPUTING 10

Desirable Properties of MANET

DISTRIBUTED OPERATION LOOP FREE DEMAND BASED OPERATION UNIDIRECTIONAL LINK SUPPORT SECURITY POWER CONSERVATION MULTIPLE ROUTES QUALITY OF SERVICE SUPPORT
UNIT- V MOBILE COMPUTING 11

Classification of Routing Protocols

Centralized vs. Distributed In centralized algorithms, all route choices are made at a central node, while in distributed algorithms, the computation of routes is shared among the network nodes. Static vs. Adaptive Another classification of routing protocols relates to whether they change routes in response to the traffic input patterns. In static algorithms, the route used by source-destination pairs is fixed regardless of traffic conditions. It can only change in response to a node or link failure. This type of algorithm cannot achieve high throughput under a broad variety of traffic input patterns. Most major packet networks uses some form of adaptive routing where the routes used to route between source-destination pairs may change in response to congestion Reactive vs. Proactive In proactive method, the routes to all destinations are computed a priori. In order to compute routes in advance, nodes need to store the entire or partial information about link states and network topology. In order to keep the information up-to-date, nodes need to update their information periodically or whenever the link state or network topology changes In reactive method, the route to a destination may not be known in advance and it is computed only when the route is needed. When a source needs to send packets to a destination, it first finds a route or several routes to the destination. This process is called route discovery.
UNIT- V MOBILE COMPUTING 12

Ad-hoc Network Routing Protocols

Ad-hoc Routing Protocols Reactive Protocols
DSR DSDV TORA OLSR AODV WRP

Proactive Protocols

Hybrid Protocols

ZRP

Hierarchical Protocols

CBRP

GSR

Geographical Protocols

LAR

GLS

Power Aware Protocols

PARO

EADSR

Multicast Protocols

CBM

NZR

Geocasting Protocols
LBM Geo TORA UNIT- V MOBILE COMPUTING

13

Proactive Protocols
Proactive: maintain routing information independently of need for communication Update messages send throughout the network periodically or when network topology changes. Low latency, suitable for real-time traffic Bandwidth might get wasted due to periodic updates Pro-active (Table-driven) (DSDV (Highly Dynamic Destination-Sequenced Distance Vector routing protocol) , IARP (Intrazone Routing Protocol/pro-active part of the ZRP) They maintain O(N) state per node, N = #nodes
UNIT- V MOBILE COMPUTING 14

On-Demand or Reactive Routing

Reactive: discover route only when you need it Saves energy and bandwidth during inactivity Can be bursty -> congestion during high activity Significant delay might occur as a result of route discovery Good for light loads, collapse in large loads Reactive (On-demand) (AODV (Ad hoc On Demand Distance Vector routing protocol) , DSR (Dynamic Source Routing protocol) , IERP (Interzone Routing Protocol/reactive part of the ZRP) , DYMO (DYnamic Manet On-demand routing protocol) , TORA (Temporally-Ordered Routing Algorithm routing protocol) )
UNIT- V MOBILE COMPUTING 15

Hybrid Routing
Proactive for neighborhood, Reactive for far away (Zone Routing Protocol, Haas group) Proactive for long distance, Reactive for neighborhood (Safari) Attempts to strike balance between the two Hybrid (Pro-Active/Reactive) :- e.g. ZRP (Zone Routing Protocol)

UNIT- V MOBILE COMPUTING

16

Hierarchical Routing
Nodes are organized in clusters Cluster head controls cluster Trade off Overhead and confusion for leader election Scalability: intra-cluster vs intercluster One or Multiple levels of hierarchy Hierarchical :- CBRP (Cluster Based Routing Protocol) , GSR (Global State Routing protocol) , DDR (Distributed Dynamic Routing Algorithm)
UNIT- V MOBILE COMPUTING 17

Geographical Routing

This type of protocols acknowledges the influence of physical distances and distribution of nodes to areas as significant to network performance. The main disadvantages of such algorithms are: Efficiency depends on balancing the geographic distribution versus occurrence of traffic. Any dependence of performance with traffic load thwarting the negligence of distance may occur in overload Nodes know their geo coordinates (GPS) Route to move packet closer to end point Protocols DREAM, GPSR, LAR Propagate geo info by flooding (decrease frequency for long distances) Geographical :- LAR (Location-Aided Routing protocol) , GLS(Grid) (Geographic Location Service)
UNIT- V MOBILE COMPUTING 18

Power Aware
Energy required to transmit a signal is proportional to the square of the distance. Transmitting a signal half the distance requires one fourth of the energy and if there is a node in the middle willing spend another fourth of its energy for the second half, data would be transmitted for half of the energy than through a direct transmission. This however introduces a delay. e.g PARO (Power-Aware Routing Optimization Protocol) , EADSR (Energy Aware Dynamic Source Routing Protocol)
UNIT- V MOBILE COMPUTING 19

Multicast
When a message needs to be sent to a varying number of receivers, it is more efficient to multicast the message to a multicast group instead of unicasting an identical message to many different receivers. Unfortunately, as noted in (Chiang et al., 1997) multicast communication is difficult in an Ad-hoc network. Ad-hoc networks are fundamentally dynamic in nature; thus, multicast protocols that handle this dynamic nature are needed. In a static network, multicast protocols build a tree to route multicast messages. The root of the tree is either the multicast source or a core, which is strategically located near the middle of the multicast receivers. Unfortunately, tree-based approaches for multicast communication do not work well in an Ad-hoc network because the tree often changes as the MNs move. Thus, recent multicast protocols developed for an Ad-hoc network are based on either flooding multicast messages or on building a mesh to transmit multicast messages e.g CBM (Content Based Multicast) , MZR (Multicast Zone Routing) ODMRP (On-Demand Multicast Routing Protocol)
UNIT- V MOBILE COMPUTING 20

Geographical Multicast (Geocasting)

Geographic messaging is the ability to transmit messages to mobile nodes (MNs) in a particular geographic area (i.e., a geocast region). It is similar to multicast communication in that a sender intends to distribute a specific message to a select group of MNs. However, geocast communication specifies the group of MNs for a message instead of allowing MNs to specify whether or not they would like to join the group. The ability to send messages to groups of MNs based solely on their location would enable emergency messages to be delivered to possible victims and/or rescue personnel during times of crisis, strategic planning messages to be distributed to various military groups, and advertisement messages to be relayed to mobile users as they travel down the street [(Navas and Imielinski, 1997) and (Navas and Imielinski, 1999)]. Since all mobile users may not welcome flashing advertisements, each MN would need the option to ignore Geocast advertisement messages. Obtaining information pertaining to a particular business without actually inquiring within, i.e., accessing a homepage being transmitted by a particular building is a forthcoming commercial application. Geocast communication will provide this new technology. Unicast communication occurs when a message is transmitted to a given geographic point; geocast communication occurs when a message is transmitted to a defined circle or polygon e.g. LBM (Location Based Multicast), GeoTORA (Geographical TORA).
UNIT- V MOBILE COMPUTING 21

Differences between Distance vector and Link state Routing

Distance Vector routing protocols are based on Bellman and Ford algorithms. Distance Vector routing protocols are less scalable such as RIP supports 16 hops and IGRP has a maximum of 100 hops. Distance Vector are classful routing protocols which means that there is no support of Variable Length Subnet Mask (VLSM) and Classless Inter Domain Routing (CIDR). Distance Vector routing protocols uses hop count and composite metric Link State routing protocols are based on Dijkstra algorithms. Link State routing protocols are very much scalable supports infinite hops. Link State routing protocols are classless which means that they support VLSM and CIDR. Cost is the metric of the Link State routing protocols.

Distance Vector routing protocols support Discontiguous subnets

Link State routing protocols support contiguous subnets.

Contain knowledge about neighborhood Routing only to routers Information sharing when there is change in topology

Contain knowledge about the whole network Routing only to neighborhood Information sharing at regular interval

UNIT- V MOBILE COMPUTING

22

Global State Routing

Global State Routing (GSR) is based on Link State (LS) routing. In the LS routing method, each node floods the link state information directly into the whole network (global flooding) once a link change between itself and its neighbors is detected. A node gets to know the whole topology by obtaining link information. LS routing works well in static topology networks. If links change quickly at high mobility, frequent global flooding will lead to huge control overhead (large amount of small packets).
UNIT- V MOBILE COMPUTING 23

Global State Routing

Aim: The knowledge of full network topology as LS routing should be maintained, but the inefficient flooding mechanism has to be avoided. Unlike LS, GSR does not flood link state packets. Instead, every node maintains its link state table based up-to-date( LS information received from neighboring nodes) It will periodically exchange its LS information with its neighbors only (no global flooding). This means that GSR is MAC (medium access control) layer efficient as it keeps the overhead of control message low. GSR still finds accurate and optimal paths. GSR could be described as being based on LS routing, which has the advantage of routing accuracy, and the dissemination method used in DBF, to avoid inefficient flooding like in LS routing.
UNIT- V MOBILE COMPUTING 24

Global State Routing

Each node maintains: a neighbor list containing the list of nodes adjacent to the node ( hop=1 ) a topology table containing the link state information reported by a destination and a timestamp indicating the time at which this has been reported. a next hop table containing the next hop to which the packets for this destination have to be forwarded a distance table containing the shortest distance to each destination node Initially, each node learns about its neighbors by examining each received packet and thus builds up its neighbor list Each node updates link state information in its topology table by receiving link state messages from its neighbors. LS packets with larger sequence numbers replace the older ones with smaller sequence numbers. So every node learns the entire network topology. The entire topology map (link state table) is exchanged periodically with neighbors only, meaning that there is no global flooding. Then each node computes the shortest paths itself using the newly rebuild topology map, based on Dijkstras algorithm. In summary this means that based on the link state vectors, nodes maintain a global knowledge of the network topology and take their routing decisions locally.
UNIT- V MOBILE COMPUTING 25

Global State Routing

Advantages GSR greatly reduces the control overhead as it avoids flooding for disconnects/reconnects and updates are time triggered than event triggered. The routing accuracy of GSR is comparable to an ideal LS scheme and thus superior to the traditional DBF. A bandwidth function can be used to realize QoS routing. Disadvantages The main disadvantage is the large size of the routing message. As the entire topology table is broadcasted with each update, a considerable amount of bandwidth is consumed. The latencyof the link state change propagation depends on the update period, meaning that it has to be carefully chosen.

UNIT- V MOBILE COMPUTING

26

DSDV - Destination-Sequenced Distance Vector Algorithm

By Perkins and Bhagvat Routes are broadcasted from the receiver Nodes announce their presence: advertisements Each broadcast has Destination address: originator No of hops Sequence number of broadcast The route with the most recent sequence is used Based on Bellman Ford algorithm Exchange of routing tables Routing table: the way to the destination, cost Each node advertises its position Sequence number to avoid loops Maintain fresh routes
UNIT- V MOBILE COMPUTING 27

DSDV
DSDV basically is distance vector with small adjustments to make it better suited for Ad-hoc networks. These adjustments consist of triggered updates that will take care of topology changes in the time between broadcasts. To reduce the amount of information in these packets there are two types of update messages defined: full and incremental dump. The full dump carries all available routing information and the incremental dump only carries the information that has changed since the last dump. Destination-Sequenced Distance Vector (DSDV) is a variation of the Distributed Bellman-Ford algorithm modified to address problems inherent to Ad-hoc networks, such as time dependent topologies. These modifications reduce the looping properties that would otherwise be present. Since DSDV is table-driven, each node maintains a routing table with the next hop entry for each destination and the metric for the link. In addition, each link has a sequence number associated with it. This sequence number is periodically incremented by the destination node for the link. Other nodes then choose the route with highest sequence number, as that is the least stale route to the destination. If a node detects that a link has broken, it sets the metric to infinity, and issues a route update to the other nodes regarding the link status. Other nodes repeat this action until they receive an update with a higher sequence number to provide it with a fresh route again.
UNIT- V MOBILE COMPUTING 28

DSDV
DSDV is a hop-by-hop distance vector routing protocol in which each node has a routing table for all reachable destinations , stores the next-hop and number of hops for that destination. Like distance-vector, DSDV requires that each node periodically broadcast routing updates. The advantage with DSDV over traditional distance vector protocols is that DSDV guarantees loop-freedom. To guarantee loop-freedom DSDV uses a sequence numbers to tag each route. The sequence number shows the freshness of a route and routes with higher sequence numbers are favorable. A route R is considered more favorable than R' if R has a greater sequence number or, if the routes have the same sequence number but R has lower hop-count. The sequence number is increased when a node A detects that a route to a destination D has broken. So the next time node A advertises its routes, it will advertise the route to D with an infinite hop-count and a sequence number that is larger than before.
UNIT- V MOBILE COMPUTING 29

DSDV
Due to the lack of synchronization between nodes in the network, a time delay is imposed to prevent nodes from responding immediately based on a single potentially disruptive update. This settling time allows for the routing table at each node to stabilize before it begins issuing route updates to other nodes. The main advantage to DSDV is that it maintains a loop-free fewest-hop path to every destination in the network. However, this protocol also contains both periodic and triggered route updates. While the triggered updates tend to be small (allowing quick discovery of invalid links), the each nodes periodic update includes its entire routing table. This means the overhead associated with those updates effectively limiting the number of nodes in the network. Because DSDV is dependent on periodic broadcasts it needs some time to converge before a route can be used. This converge time can probably be considered negligible in a static wired network, where the topology is not changing so frequently. In an Ad-hoc network on the other hand, where the topology is expected to be very dynamic, this converge time will probably mean a lot of dropped packets before a valid route is detected. The periodic broadcasts also add a large amount of overhead into the network
UNIT- V MOBILE COMPUTING 30

DSDV
DSDV Advantages:
Short delay brought by the proactive feature Difficult for the attackers to control the propagation of false information Loop Free Fewest hop path

DSDV Disadvantages:
Difficult to scale to large networks Computation and communication resources wasted on unused routes Periodic updates Maintaining routes in presence of mobility Routing information may be expensive and unnecessary
UNIT- V MOBILE COMPUTING 31

Dynamic Source Routing (DSR)

Source routing - The sender knows the complete hop-by-hop route to the destination. Route cache - Nodes may learn and cache multiple routes to any destination. Composed of 2 mechanisms:
Route Discovery Route Maintenance

Requires no periodic packets of any kind at any level within the network- purely on demand. Allows uni-directional links. Supports internetworking between different types of wireless networks and mobile IP.
UNIT- V MOBILE COMPUTING 32

Route Discovery
RREQ (Route Request packet)
Is broadcast when node S needs do send a packet to D and does not already know a route. Each RREQ includes source and destination address, unique request id and complete route record of all intermediate nodes.

RREP (Route Reply packet)

If a node receives an RREQ for which it is either the destination or it has a route to the destination in its route cache it responds with a RREP.
UNIT- V MOBILE COMPUTING 33

Route Discovery in DSR

Y

Z
S B A H I C G K D N E F M L

Represents a node that has received RREQ for D from S

UNIT- V MOBILE COMPUTING 34

Route Discovery in DSR

Broadcast transmission Y

[S]
S B A H I C G K D E F M

Represents transmission of RREQ [X,Y] Represents UNIT-of MOBILE COMPUTING list V identifiers appended to RREQ
35

Route Discovery in DSR

Y

Z
S B A H I C [S,C] G K D N E [S,E] F M L

Node H receives packet RREQ from two neighbors: potential for collision
UNIT- V MOBILE COMPUTING 36

Route Discovery in DSR

Y

Z
S B A H I C G [S,C,G] K D N E F [S,E,F] M L

Node C receives RREQ from G and H, but does not forward it again, because node C has already forwarded RREQ once
UNIT- V MOBILE COMPUTING 37

Route Discovery in DSR

Y

Z
S B A H I C G K D [S,C,G,K] N E F [S,E,F,J] M L

Nodes J and K both broadcast RREQ to node D Since nodes J and K are hidden from each other, their transmissions may UNIT- V MOBILE COMPUTING collide

38

Route Discovery in DSR

Y

Z
S B A H I C G K D N E F [S,E,F,J,M]

Node D does not forward RREQ, because node D is the intended target of the route discovery
UNIT- V MOBILE COMPUTING

39

Route Discovery in DSR

Destination D on receiving the first RREQ, sends a Route Reply (RREP) RREP is sent on a route obtained by reversing the route appended to received RREQ
RREP includes the route from S to D on which RREQ was received by node D
UNIT- V MOBILE COMPUTING 40

Route Reply in DSR

Y

Z
S B A H I C G K D N E RREP [S,E,F,J,D] F M L

Represents RREP control message

UNIT- V MOBILE COMPUTING

41

Dynamic Source Routing (DSR)

Node S on receiving RREP, caches the route included in the RREP When node S sends a data packet to D, the entire route is included in the packet header
hence the name source routing

Intermediate nodes use the source route included in a packet to determine to whom a packet should be forwarded
UNIT- V MOBILE COMPUTING 42

Data Delivery in DSR

Y

DATA [S,E,F,J,D]
S B A H I C G K D E F M

Packet header size grows with route length

UNIT- V MOBILE COMPUTING 43

DSR
N2 N1-N2-N5-N8 N1-N2 N1 N1 N1-N3-N4 N1 N4 N1-N3-N4 N1-N3-N4 N7 N5 N1-N2-N5-N8

RREP
N1-N2-N5-N8 N8 N1-N2-N5 Destination

Source

N1-N3-N4-N7

N1-N3-N4-N6
N1-N3 N3 N6

RREQ
UNIT- V MOBILE COMPUTING 44

Route Maintenance

Hop-by-hop acknowledgement
Link-level acknowledgement IEEE 802.11 Passive acknowledgement (Overhearing) DSR specific acknowledgement

RERR (Route Error packet)

Informs the source of any broken link. Source removes any routes containing broken link from route cache.
UNIT- V MOBILE COMPUTING 45

Additional Optimizations
Packet Salvaging
An intermediate node can use an alternate route from its own cache in case of a failed link.

Gratuitous route repair

A source node receiving an RERR packet piggybacks the RERR in the following RREQ. Helps clean up cashes of other nodes in network.

Promiscuous listening
When a node overhears packet checks to see whether it could be routed via itself to gain a shorter route and sends a gratuitous RREP to source. Learn different routes without participating in routing process.

UNIT- V MOBILE COMPUTING

46

DSR Optimization: Route Caching

Each node caches a new route it learns by any means When node S finds route [S,E,F,J,D] to node D, node S also learns route [S,E,F] to node F When node K receives Route Request [S,C,G] destined for node, node K learns route [K,G,C,S] to node S When node F forwards Route Reply RREP [S,E,F,J,D], node F learns route [F,J,D] to node D When node E forwards Data [S,E,F,J,D] it learns route [E,F,J,D] to node D A node may also learn a route when it overhears Data Problem: Stale caches may increase overheads

UNIT- V MOBILE COMPUTING

47

DSR Advantages
Routes maintained only between nodes who need to communicate
reduces overhead of route maintenance

Route caching can further reduce route discovery overhead A single route discovery may yield many routes to the destination, due to intermediate nodes replying from local caches
UNIT- V MOBILE COMPUTING 48

DSR Disadvantages
Packet header size grows with route length due to source routing Flood of route requests may potentially reach all nodes in the network Care must be taken to avoid collisions between route requests propagated by neighboring nodes
insertion of random delays before forwarding RREQ

Increased contention if too many route replies come back due to nodes replying using their local cache
Route Reply Storm problem Reply storm may be eased by preventing a node from sending RREP if it hears another RREP with a shorter route

An intermediate node may send Route Reply using a stale cached route, thus polluting other caches This problem can be eased if some mechanism to purge (potentially) invalid cached routes is incorporated. For some proposals for cache invalidation,
Static timeouts Adaptive timeouts based on link stability

UNIT- V MOBILE COMPUTING

49

Ad-hoc On-Demand Distance Vector Routing (AODV)

Discovers routes on-demand. Uses traditional routing tables, one entry per destination that are dynamically established at each intermediate node. Use hello messages for local connectivity management. Sequence numbers maintained at each destination to determine freshness of routing information and to prevent rooting loops. Timer-based states in each node regarding utilization of individual routing table entries. Expanding ring search optimization.
UNIT- V MOBILE COMPUTING 50

Ad Hoc On-Demand Distance Vector Routing (AODV)

DSR includes source routes in packet headers Resulting large headers can sometimes degrade performance particularly when data contents of a packet are small AODV attempts to improve on DSR by maintaining routing tables at the nodes, so that data packets do not have to contain routes AODV retains the desirable feature of DSR that routes are maintained only between nodes which need to communicate Route Requests (RREQ) are forwarded in a manner similar to DSR When a node re-broadcasts a Route Request, it sets up a reverse path pointing towards the source AODV assumes symmetric (bi-directional) links When the intended destination receives a Route Request, it replies by sending a Route Reply (RREP) Route Reply travels along the reverse path set-up when Route Request 51 UNIT- V MOBILE COMPUTING is forwarded

Path Discovery
Every node maintains two separate counters:
Node sequence number Maintain freshness information of route Broadcast id Incremented for every new RREQ

RREQ (Route Request packet)

<Source and destination address ,source and destination sequence number, broadcast id, hop count> Each node that cannot satisfy the RREQ rebroadcasts to its own neighbours after increasing hop count. Each node keeps expiration timers to remove old RREQ and routes from its cache.

RREP (Route Reply packet)

Unicast back to the neighbour from which it received the first RREQ. <Source and destination address, destination sequence number, hop count, lifetime>
UNIT- V MOBILE COMPUTING 52

Route Requests in AODV

Y

Z
S B A H I C G K D N E F M L

Represents a node that has received RREQ for D from S

UNIT- V MOBILE COMPUTING 53

Route Requests in AODV

Broadcast transmission Y

Z
S B A H I C G K D N E F M L

Represents transmission of RREQ

UNIT- V MOBILE COMPUTING 54

Route Requests in AODV

Y

Z
S B A H I C G K D N E F M L

Represents links on Reverse Path

UNIT- V MOBILE COMPUTING 55

Reverse Path Setup in AODV

Y

Z
S B A H I C G K D N E F M L

Node C receives RREQ from G and H, but does not forward it again, because node C has already forwarded RREQ once
UNIT- V MOBILE COMPUTING 56

Reverse Path Setup in AODV

Y

Z
S B A H I C G K D N E F M L

UNIT- V MOBILE COMPUTING

57

Reverse Path Setup in AODV

Y

Z
S B A H I C G K D N E F M L

Node D does not forward RREQ, because node D is the intended target of the RREQ
UNIT- V MOBILE COMPUTING

58

Forward Path Setup in AODV

Y

Z
S B A H I C G K D N E F M L

Forward links are setup when RREP travels along the reverse path
UNITRepresentsVaMOBILE COMPUTING link on the forward path 59

Route Request and Route Reply

Route Request (RREQ) includes the last known sequence number for the destination An intermediate node may also send a Route Reply (RREP) provided that it knows a more recent path than the one previously known to sender Intermediate nodes that forward the RREP, also record the next hop to destination A routing table entry maintaining a reverse path is purged after a timeout interval A routing table entry maintaining a forward path is purged if not used for a active_route_timeout interval
UNIT- V MOBILE COMPUTING 60

AODV
N2 N5

RREP
N8 Destination

N1

Source

N4

N7

N3

N6

RREQ
UNIT- V MOBILE COMPUTING 61

Path Maintenance
Detecting link failures
Periodic hello messages Link Layer acknowledgements (LLACKS) Attempts to forward packet to next hop fail

RERR (Route Error packet)

Created when next-hop link breaks. Propagated to all predecessors until all sources using the failed link are informed. Sources restart discovery process if they still need the route to destination.
UNIT- V MOBILE COMPUTING 62

AODV
AODV Advantages:
Low overhead and smaller routing tables in light load networks Fast expiration of unused routes

AODV Disadvantages:
On-demand feature brings a longer delay for the first packet Malicious nodes have more flexibility on conducting attacks

UNIT- V MOBILE COMPUTING

63

DSR vs. AODV

Source routing
More routing overhead No periodic routing advertisements

Dynamic routing tables

Only next-hop information Periodic hello messages for local connectivity

Route caching
More routing information Fast recovery from failure More RREP

One entry per destination

Limited routing information New RREQ for every failure More RREQ

Supports uni-directional links Only broadcast No mechanism to expire stale routes or prefer fresher routes RERR backtracks the data packet UNIT- V MOBILE COMPUTING

Only bi-directional links Multicast capability Expiration timers remove stale routes and sequence numbers RERR informs all predecessor nodes of link failure
64

Temporally-Ordered Routing Algorithm (TORA)

Highly adaptive, loop-free, distributed routing algorithm based on the concept of link reversal Proposed to operate in a highly dynamic mobile networking environment It is source initiated and provides multiple routes for any desired source/ destination pair This algorithm requires the need for synchronized clocks
UNIT- V MOBILE COMPUTING 65

Temporally-Ordered Routing Algorithm (TORA)

TORA has three basic functions: Route creation, Route maintenance and Route erasure. The route creation algorithm generates a directed acyclic graph from source to destination based on a propagation parameter, called height. A node with higher height is considered upstream and one with lesser downstream. The algorithm starts by stetting the height of the destination to 0 (base) and all other nodes height undefined (NULL). Now the source broadcasts a route query packet containing the destinations ID. Each node with non-NULL height responds with an update packet, witch including its height in it. If a node receiving an update packet compares its height with the packet height. If it is more than 2, a short path to the source exists. Now it updates its own height to the packet height plus 1 and propagates the update packet with its own height in it.
UNIT- V MOBILE COMPUTING 66

TORA Conceptual Description

B C

A
DEST

B D

SRC
A E D F

G E F

C
B

D G
A

C D G F
67

UNIT- V MOBILE COMPUTING

TORA Link Reversal

When a node has no downstream links, it reverses the direction of one or more links
B A E B A E D F C G A E D F C B C D E B D F
68

G
F C G

UNIT- V MOBILE COMPUTING

Temporally-Ordered Routing Algorithm (TORA)

TORA also maintains a DAG by means of an ordered quintuple with the following information: t time of a link failure oid originator id r reflection bit indicates 0=original level 1=reflected level d integer to order nodes relative to reference level i the nodes id The triplet (t,oid,r) is called the reference level. And the tuple (d,i) is said to be an offset within that reference level. The heights of the nodes for a given destination to each other determine the direction of the edges of the directed acyclic graph. The DAG is destination oriented (routed at the destination) when the quintuples which represent the heights are maintained in lexicographical order, the destination having the smallest height, traffic always flowing downstreams. Heights are however not needed for route discovery. Also nodes which do not currently need to maintain a route for themselves or for others won't change a height value. Each node has a Route-required flag for that purpose, additionally the time since the last UPD (update-) packet was sent is recorded. Each node maintains a neighbor table containing the height of the neighbor nodes. Initially the height of all the nodes is NULL. (This is not zero "0" but NULL "-") so their quintuple is (-,-,-,-,i). The height of a destination neighbor is (0,0,0,0,dest).
UNIT- V MOBILE COMPUTING 69

Temporally-Ordered Routing Algorithm (TORA) Route creation

A node which requires a link to a destination because it has no downstream neighbours for it sends a QRY (query) packet and sets its (formerly unset) route-required flag. A QRY packet contains the destination id of the node a route is seeked to. The reply to a query is called an update UPD packet. It contains the height quintuple of the neighbour node answering to a query and the destination field which tells for which destination the update was meant for. A node receiving a QRY packet does one of the following: if its route required flag is set, this means that it doesn't have to forward the QRY, because it has itself already issued a QRY for the destination, but better discard it to prevent message overhead. if the node has no downstream links and the route-required flag was not set, it sets its route-required flag and rebroadcasts the QRY message. if a node has at least one downstream neighbour and the height for that link is null it sets its height to the minimum of the heights of the neighbour nodes, increments its d value by one and broadcasts an UPD packet. if the node has a downstream link and its height is non-NULL it discards the QRY packet if an UPD packet was being issued since the link became active (rr-Flag set). Otherewise it sends an UPD packet.
UNIT- V MOBILE COMPUTING 70

Temporally-Ordered Routing Algorithm (TORA) Route creation

A node receiving an update packet updates the height value of its neighbour in the table and takes one of the following actions: if the reflection bit of the neighbours height is not set and its route required flag is set it sets its height for the destination to that of its neighbours but increments d by one. It then deletes the RR flag and sends an UPD message to the neighbours, so they may route through it. if the neighbours route is not valid (which is indicated by the reflection bit) or the RR flag was unset, the node only updates the entry of the neighbours node in its table.

UNIT- V MOBILE COMPUTING

71

Temporally-Ordered Routing Algorithm (TORA)

node C requires a route, so it broadcasts a QRY

UNIT- V MOBILE COMPUTING

72

Temporally-Ordered Routing Algorithm (TORA) Route creation

UNIT- V MOBILE COMPUTING

73

Temporally-Ordered Routing Algorithm (TORA) Route creation

The QRY propagates until it hits a node which has a route to the destination, this node then sends an UPD message

UNIT- V MOBILE COMPUTING

74

Temporally-Ordered Routing Algorithm (TORA) Route creation

The UPD is also propagated, while node E sends a new UPD

UNIT- V MOBILE COMPUTING

75

Temporally-Ordered Routing Algorithm (TORA) Route creation

UNIT- V MOBILE COMPUTING

76

Temporally-Ordered Routing Algorithm (TORA) Route creation

UNIT- V MOBILE COMPUTING

77

Temporally-Ordered Routing Algorithm (TORA) Route Maintenance

Route maintenance in TORA has five different cases according to the flowchart below:

1 Generate: The node has lost its last downstream link due to a failure. The node defines a new "reference level", so it sets oid (originator id) to its node id and t to the time of the failure. This is done only if the node has upstream neighbours. If not it sets its height to NULL. 2 Propagate: The node has no more downstream link due to a link reversal following the receipt of an update packet and the reference levels (t,oid,r) of its neighbours are not equal. The node then propagates the references level of its highest neighbour and sets the offset to a value which is lower (-1) than the offset of all its neighbours with the maximum level. 3 Reflect: The node has lost its downstream links due to a link reversal following the receipt of an update packet and the reference heights of the neighbours of the node are equal with the reflection bit not set. The node then reflects back the refence height by setting the reflection bit. It's d value is set to 0.
UNIT- V MOBILE COMPUTING 78

Temporally-Ordered Routing Algorithm (TORA) Route Maintenance

4 Detect: The node has lost its downstream links due to a link reversal following the receipt of an update packet and the reference heights of the neighbours of the node are equal with the reflection bit set. This means that the node has detected a partition and begins the route erasure procedure. The height values are set to NULL. 5 Generate: The node has lost its last downstream link due to a link reversal following the receipt of an update packet and the reference haights of all the neighbours are equal with the reflection bit set and the oid of the neighbours heights isn't the node's id. The node then sets t to the time of the link failure and sets oid to its own id. The d value is set to 0. This means that the link failure required no reaction. The node experienced a link failure between the time it propagated a higher reference (from someone else) and the time this level got reflected from a place further away in the network. Because the node didn't define the new reference level itself this is not necessarily an indication of a partitioning of the network. So the node simply defines a new higher reference level with the time of the link failure.

UNIT- V MOBILE COMPUTING

79

Temporally-Ordered Routing Algorithm (TORA) Route Maintenance

The link between B and E fails

UNIT- V MOBILE COMPUTING

80

Temporally-Ordered Routing Algorithm (TORA) Route Maintenance

B still has a downstream link to the destination, so no action is needed

UNIT- V MOBILE COMPUTING

81

Temporally-Ordered Routing Algorithm (TORA) Route Maintenance

The link between D and H fails

UNIT- V MOBILE COMPUTING

82

Temporally-Ordered Routing Algorithm (TORA) Route Maintenance

Node D defines a new reference level. It sets the originator id to his own id since it was node D that defined the new level. The logical time of the link failure is also recorded (t=1). The new reference level is now higher than that of the neighbours, so the update message has as effect the reversal of the links to A and B. This is case 1 of the decision tree.

UNIT- V MOBILE COMPUTING

83

Temporally-Ordered Routing Algorithm (TORA) Route Maintenance

Node B has lost its downstream not because of a link failure, but because of a link reversal. It propagates the reference level that was defined by D. Because the node must have a lower height than the upstream node D it has to set it's subheight (offset) lower than that of D, so d=-1. This is case 2 of the decision tree.

UNIT- V MOBILE COMPUTING

84

Temporally-Ordered Routing Algorithm (TORA) Route Maintenance

Node A has now also has lost its last downstream due to an update and propagates the reference level and sets its d to the lowest of its neighbours -1. (also Case 2)

UNIT- V MOBILE COMPUTING

85

TORA
TORA Advantages : It supports multiple routes to any source/destination pair. Failure or removal of one node is quickly resolved without source intervention by switching to an alternate route. Loop Free Path Establish routes quickly , before topology changes Able to detect partitions very quickly

TORA Disadvantages : It relies on synchronized clocks among nodes in the network. It also relies on intermediate lower layers for certain functionality. TORA is not energy efficient and does not scale to large networks. exhibits instability behavior similar to "count-to-infinity" problem in distance vector routing protocols
UNIT- V MOBILE COMPUTING 86

CBRP( Cluster Based Routing Protocol )

The idea behind CBRP is to divide the nodes of an Ad-hoc network into a number of overlapping or disjoint clusters. One node is elected as cluster head for each cluster. This cluster head maintains the membership information for the cluster. Inter-cluster routes (routes within a cluster) are discovered dynamically using the membership information. CBRP is based on source routing, similar to DSR. This means that intracluster routes (routes between clusters) are found by flooding the network with Route Requests (RREQ). The difference is that the cluster structure generally means that the number of nodes disturbed is much less. Flat routing protocols, i.e. only one level of hierarchy, might suffer from excessive overhead when scaled up. CBRP is like the other protocols fully distributed. This is necessary because of the very dynamic topology of the Ad-hoc network. Furthermore, the protocol takes into consideration the existence of unidirectional links.

UNIT- V MOBILE COMPUTING

87

CBRP
Functions Link Sensing Clusters Routing

UNIT- V MOBILE COMPUTING

88

CBRP
The algorithm The following algorithm is used to form the clusters! When an node comes up, it has the "undecided" state! The first action of this node is to start a timer and broadcasts a HELLO message! When a cluster-head receives this HELLO message, it replies immediately with a triggered HELLO message. After that, when the node receives this answer, it will change his state into the "member" state. But when the node gets no message from any clusterhead, it makes itself as cluster-head, but only, when it has bi-directional link to one or more neighbors! Otherwise, when it has no link to any other node, it stays in the "undecided" state and repeats the procedure with sending an HELLO message again! Cluster-heads are changed as infrequently as possible
UNIT- V MOBILE COMPUTING 89

How a source finds a way to the destination

Node S (source) has to send data to node D (destination). S sends route requests to all the neighbouring cluster-heads, and only to the cluster-heads. When a cluster-head receives the route request, it checks if the node D is in his cluster. If this is the case, the clusterhead sends the request directly to the destination. But when D isn't in the cluster, it sends the route request to all the adjacent clusterheads. All cluster-head saves his address in the packet, so when a clusterhead receives a route request where his address is saved in the packet, it discards this packet. When the route request packet arrives at the destination, D replies back with the route that had been recorded in the request packet. When the source S doesn't receive a reply from the destination within a time period, it tries to send a route request again. In the Cluster Based Routing Protocol, routing is done using source routing. But this protocol uses also route shortening. When a node receives the reply of the destination to the source, it tries to find the farthest node in the route that is its neighbour. With this principle the route between source and destination can be reduced. On the following figure you can see an ad-hoc network, separated in the different cluster with all the components UNIT- V MOBILE COMPUTING 90

DATA STRUCTURES
Neighbor Table
Id, Role , Status of the link

Cluster Adjacency Table (CAT)

Keeps info. about adjacent clusters Contains
Id of neighboring cluster the gateway node (a member) to reach the neighboring cluster head the status of the link

Two-hop Topology Database

each node broadcasts its neighbor table information periodically in HELLO packets. Therefore, by examining the neighbor table from its neighbors, a node is able to gather `complete' information about the network topology that is at most two-hops away from itself.
UNIT- V MOBILE COMPUTING 91

HELLO MESSAGES
HELLO message from a node contains its neighbor table and its cluster adjacency table (CAT). Nodes update their neighbor tables and CAT when they receive HELLO messages from their neighbors. When a node A receives HELLO message from say a node B
A adds B to its neighbor table if B is not present in its table. If B is already in the table update the status of link from B to A if required. Update the role of B if it has changed.

UNIT- V MOBILE COMPUTING

92

CLUSTER FORMATION
A node can be in any of the three states A cluster head A cluster member Undecided ( Looking for a head ) An undecided node starts a timer and broadcasts a HELLO message. Any cluster head that receives this message sends out HELLO message back. If the node has bi-directional link to that cluster head it chooses that node as its cluster head and regards itself as a member of that cluster head. If it does not find any head till the timer expires and it declares itself as a cluster head. If two cluster heads have bi-directional links to each other one of them gives his status as a head and becomes member of the other head. The node with a smaller id continues to be a cluster head. However the cluster heads wait for a certain period of time before this This ensures that if two cluster heads are just close for a short time when they are on a move cluster re-formation does not happen.
UNIT- V MOBILE COMPUTING 93

Adjacent Cluster Discovery

For a member node neighboring cluster head is the one that is two hops away. i.e. one that can be reached via an intermediate node. This node is called a Gateway node. A node can find out about its neighboring cluster heads by looking at the neighbor tables of its neighbors received in the HELLO messages. COMPUTING UNIT- V MOBILE 94

Adjacent Cluster Discovery

Nodes also broadcasts their CAT in the HELLO message. Cluster heads can learn about other cluster head that are three hops away by looking at the CAT they receive. e.g. 4s Cluster Adjacency Table

11

4
Adj cluster ID Gateway 8 9 6 2

8 10

2
5 6

UNIT- V MOBILE COMPUTING

95

ROUTE DISCOVERY
When a node say A wants to discover route to a node say D it broadcasts a RREQ packet. This packet contains a list of host and neighboring clusters heads. For neighboring cluster heads even the gateway nodes are mentioned. The idea is only cluster heads should forward the packet further. If a member node receives RREQ packet it simply drops it. However if a member node is listed as a Gateway node it unicasts the RREQ to the cluster head for which it is a Gateway node. When a cluster head receives RREQ, it adds itself on the partial route contained in the packet. It adds the neighboring cluster heads to which the packet is to be forwarded from its own CAT along with their gateway nodes and then re-broadcasts their packet.
Thus the RREQ passes through a number of cluster heads and eventually reaches D. D upon receiving the RREQ sends and RREP back. The RREP travels the same set of cluster heads that the RREQ traveled. On the way entire hop-by-hop path is added to the RREP along with the Gateway nodes. UNIT- V MOBILE COMPUTING 96

Route Discovery
Source S floods all clusterheads with Route Request Packets (RREQ) to discover 11 (D) [3,1,8,11] destination D
9 4 8 [3,1,8]

10

3 (S) [3]
5

1
[3,1] 2 6 UNIT- V MOBILE COMPUTING [3,1,6]

97

Route Reply
Route reply packet (RREP) is sent back to source along reversed loose source route of clusterheads. Each clusterhead along the way incrementally compute a hop-byhop strict source route.

11 (D) the reversed loose source route of RREP: [11,8,1,3] 3 (S) [11,9,4,3] the computed strict source route of 3->11 is: [11,9,4,3] 5
UNIT- V MOBILE COMPUTING

[11,9] 4 [11,9,4] 1 [11,9,4] 2

9 8

[11]
10

7
98

Route Reply
Route reply packet (RREP) is sent back to source along reversed loose source route of clusterheads. Each clusterhead along the way incrementally compute a hop-byhop strict source route.

11 (D) the reversed loose source route of RREP: [11,8,1,3] 3 (S) the computed strict source route of 3->11 is: [11,9,4,3] 9 4 1 2 5
UNIT- V MOBILE COMPUTING

10

7
99

Route Error Detection

Use source routing for actual packet forwarding A forwarding node sends a Route Error Message (ERR) to packet source if the next hop in source route is unreachable

11 (D)
Source route header of data packet: [3,4,9,11]

9 4 8 1 2 5 10

3 (S)
Route error (ERR) down link: {9->11}

7
100

UNIT- V MOBILE COMPUTING

ROUTE SHORTENING
Whenever a node receives a source-routed data packet, it tries to find out the furthest node in the unvisited route that is actually its neighbor. If it succeeds, it shortens the source route accordingly and FLAGS this in the packet. The destination upon receiving this flagged packet sends and unsolicited RREP back to the source containing the shortened route.

UNIT- V MOBILE COMPUTING

101

Local Route Repair

A forwarding node repairs a broken route using its 2-hop-topology information and modifies source route header accordingly. Destination node sends a gratuitous route reply to inform source of the modified route

11 (D)

Source route header of data packet: [3,4,9,11]

9 4 8 1 2 5 10

3 (S)
Route error (ERR) down link: {9->11}

7
102

UNIT- V MOBILE COMPUTING

Local Route Repair

A forwarding node repairs a broken route using its 2-hop-topology information and modifies source route header accordingly. Destination node sends a gratuitous route reply to inform source of the modified route

11 (D)

Source route header of data packet: [3,4,9,11]

9 4 8 1 2 5 10

3 (S)
Modified source route [3,4,9,8,11]

7
103

UNIT- V MOBILE COMPUTING

Local Route Repair

A forwarding node repairs a broken route using its 2-hop-topology information and modifies source route header accordingly. Destination node sends a gratuitous route reply to inform source of the modified route

11 (D)

Source route header of data packet: [3,4,9,11]

9 4 8 1 2 5 10

3 (S)
Gratuitous route reply [3,4,9,8,11]

7
104

UNIT- V MOBILE COMPUTING

CBRP
CBRP Advantages:
Uses local route repair and route shortening to improve routes Supports uni- and bi-directional links Reduction of communication traffic Reduction of information storage Robust against frequent network topology changes Loop free Support for multiple route

CBRP Disadvantages:
Overhead bytes according to source routing Only 2-level hierarchy Small clusters but when clusters grow, size of HELLO messages and tables increases Scalable to an extend.
UNIT- V MOBILE COMPUTING 105

QoS in Wireless Networks

Whats different in Wireless ?
A premium on efficiency (due to limitations in spectrum resource) Low reliability in the worst case Traffic limited by interference
Similar to congestion, but more easily controllable

Cost of one stream related not only to rate parameters, but also to reliability(energy per bit) and acceptable delay Best error- control coding techniques are at the physical and media- access layers
UNIT- V MOBILE COMPUTING 106

Wireless Systems
Varying Conditions of Radio interface QoS profile consists of parameters like
precedence: delay: includes radio access delay (uplink) or radio scheduling delay (downlink), radio transit delay, GPRS-network transit delay reliability: error rates much higher throughput: specified by maximum bit rate and mean bit rate
UNIT- V MOBILE COMPUTING 107

QoS in MANets
Availability of link state information and its management is difficult QoS of wireless link is apt to change in dynamic environment
mobility of hosts resource limitations (time varying)

DiffServ a possible solution

what are the boundary routers? concept of SLA does not exist
UNIT- V MOBILE COMPUTING 108

QoS in MAC protocols

MAC protocol design goals
solve medium contention deal with hidden/exposed terminal problem improve throughput

QoS MACs must provide resource reservation and QoS guarantees to realtime traffic
Wireless LANs Black burst contention etc Manets MACA/PR
UNIT- V MOBILE COMPUTING 109

Ad-hoc networks security characteristics:

-Availability ability to use the information desired

-Confidentiality information not disclosed to unauthorized entities -Integrity no corruption -Authentication ensure identity of correspondent

- Non-repudiation cant deny a sent message

UNIT- V MOBILE COMPUTING

110

Problems: Causes
Infrastructure of ad-hoc networks no infrastructure: node router Dynamic topology of ad-hoc networks moving: @IP duplicated attacks Problems associated with wireless communication poor protection to noise and signal interferences Implicit trust relationship between neighbors suppose MOBILE COMPUTING are honest UNIT- V all participants

111

Attacks using modification

Idea:

Malicious node announces better routes than the other nodes in order to be inserted in the ad-hoc network
How ?

- Redirection by changing the route sequence number - Redirection with modified hop count - Denial Of Service (DOS) attacks
UNIT- V MOBILE COMPUTING 112

Attacks using modification

Redirection by changing the route sequence number:
- A wants to communicate with D.

Node A

Node B

Node C

Node D

- Node A will broadcast a message asking the better path to reach the node D. - The best path is chosen depending on the metric of the different routes - If an intruder replies with the shortest path, it inserts itself in the network UNIT- V MOBILE COMPUTING 113

Attacks using modification

- An intruder listens node C announcing to node B its route metric - The intruder announces to node B a smallest metric to reach D - B deletes its path with node C and replaces it with the intruder path

Node A

Node B Intruder

Node C

Node D

UNIT- V MOBILE COMPUTING

114

Attacks using modification

Redirection with modified hop count:

- The node C announces to B a path with a metric value of one - The intruder announces to B a path with a metric value of one too - B decides which path is the best by looking into the hop count value of each route

Metric 1 and 3 hops

Node A Node B Node C Node D

Metric 1 and 1 hop Figure 3.2

Intruder

UNIT- V MOBILE COMPUTING

115

Attacks using modification

- The path with the malicious node is chosen according to the hop count value. - The new figure is illustrated below:

Node A

Node B Intruder

Node C

Node D

UNIT- V MOBILE COMPUTING

116

Attacks using modification

Denial Of Service (DOS) attacks with modified source routes: - A malicious node is inserted in the network thanks to one of the previous technique. - The malicious node changes packet headers it receives - The packets will not reach the destination: - The transmission is aborted

UNIT- V MOBILE COMPUTING

117

Attacks using modification

- The following figure illustrates DOS attacks:
Node A sends packets with header: (route cache to reach node E) A-B-I-C-D-E Intruder I decapsulates packets, change the header: A-B-I-C-E Node C has no direct route with E, also the packets are dropped

Node A

Node B

Intruder I

Node C

Node D

Node E

UNIT- V MOBILE COMPUTING

118

Attacks using impersonation

Idea :
- Usurpates the identity of another node to

perform changes How ?

- Spoofing MAC address of other nodes

UNIT- V MOBILE COMPUTING

119

Attacks using impersonation

Forming loops by spoofing MAC address: - A malicious node M can listen all the nodes when the others nodes can only listen their closest neighbors
- Node M first changes its MAC address to the MAC address of the node A
A M B D E X C

- Node M moves closer to node B than node A is, and stays out of range of node A - Node M announces node B a shorter path to reach X than the node D gives
UNIT- V MOBILE COMPUTING

120

Attacks using impersonation

Forming loops by spoofing MAC address: - Node B changes its path to reach X - Packets will be sent first to node A

M B D E X

- Node M moves closer to node D than node B is, and stays out of range of node B - Node M announces node D a shorter path to reach X than the node E gives
UNIT- V MOBILE COMPUTING 121

Attacks using impersonation

Forming loops by spoofing MAC address: - Node D changes its path to reach X - Packets will be sent first to node B
A C

M B D E X

- X is now unreachable because of the loop formed

UNIT- V MOBILE COMPUTING 122

Attacks using fabrication

Idea:
- Generates traffic to disturb the good operation of an ad-hoc

network

How ?
- Falsifying route error messages

- Corrupting routing state - Routing table overflow attack - Replay attack - Black hole attack
UNIT- V MOBILE COMPUTING 123

Attacks using fabrication

Falsifying route error messages: When a node moves, the closest node sends error message to the others
A malicious node can usurp the identity of another node (e.g. By using spoofing) and sends error messages to the others The other nodes update their routing tables with these bad information The victim node is isolated

UNIT- V MOBILE COMPUTING

124

Attacks using fabrication

Corrupting routing state:

In DSR, routes can be learned from promiscuously received packets A node should add the routing information contained in each packets header it overhears A hacker can easily broadcast a message with a spoofed IP address such as the other nodes add this new route to reach a special node S Its the malicious node which will receive the packets intended to S.
UNIT- V MOBILE COMPUTING 125

Attacks using fabrication

Routing table overflow attack:

Available in pro-active protocols. These protocols try to find routing information before they are needed A hacker can send in the network a lot of route to nonexistent nodes until overwhelm the protocol

UNIT- V MOBILE COMPUTING

126

Attacks using fabrication

Replay attack:
A hacker sends old advertisements to a node The node updates its routing table with stale routes

Black hole attack:

A hacker advertises a zero metric route for all destinations All the nodes around it will route packets towards it
UNIT- V MOBILE COMPUTING 127

Solutions to problems in ad-hoc routing

1. Mobile environment types A) Open No static infrastructure Nodes of various types Completely unknown structure Key issue: network throughput B) Managed open Can use existing infrastructure certificate servers, access points etc. Key issue: various depending on system accessed Increasing in usage as mobile devices become more popular C) Managed hostile Classic ad-hoc networks Key issue: confidentiality and security War/disaster areas UNIT- V MOBILE COMPUTING

128

Solutions to problems in ad-hoc routing

2. Protocol enhancements
Techniques to enhance security of existing routing protocols

Examples:
Security-Aware ad-hoc Routing, SAR Secure Routing Protocol, SRP The Selfish Node, TSN
UNIT- V MOBILE COMPUTING 129

SAR
overview

Symmetric key encryption Only use routing paths having required trust level Shared symmetric keys for each trust level use existing infrastructure for CA and key distribution Requires managed open environment

SAR evaluation

Pros:
Secure as long as CA not compromised Network infrastructure not exposed (all packets encrypted)

Cons:
Excessive power consumption (enc/dec) Misbehaving nodes not prevented
UNIT- V MOBILE COMPUTING 130

SRP
Overview Based on a security association (SA) between the destination and source node (set up during key exchange) Public key encryption Routing path sent unencrypted with each packet Requires existing CA managed open environment SRP evaluation Pros: Secure as far as confidentiality goes Less processing overhead than SAR (only at endpoints) Cons: Exposes network infrastructure (unenc. routing path) Susceptible to Invisible Node attack
UNIT- V MOBILE COMPUTING 131

TSN
Overview Open environment no pre-requirements but can use existing infrastructure Primary threat: DOS attack Concept taken from Darwins theories Problem solution: Introduce penalty for misbehaving notes TSN components The monitor Neighborhood watch
Monitors other nodes network activity Sends warnings to the reputation system

The reputation system Gossip

Spreads rumors about nodes Action depends on the reputation of the reporting node

The path manager

Responsible for changes in the routing table

The trust manager

Keeps list of trustworthy and not trustworthy nodes

UNIT- V MOBILE COMPUTING

132

TSN evaluation
Pros: Prevents misbehaving nodes from operating Can be combined with other techniques Cons: Confidentiality not guaranteed (no encryption) Causes extra overhead (processing and network)

UNIT- V MOBILE COMPUTING

133

Solutions to problems in ad-hoc routing

3. Secure protocols Instead of extending current protocols, create new protocols with higher security requirements Two examples:
Authenticated Routing for Ad-hoc Networks, ARAN Secure Position Aided Ad hoc Routing, SPAAR
UNIT- V MOBILE COMPUTING 134

ARAN overview

Managed-open environment Public key encryption based Requires certificate server Two phases:
Authentication

Ensures existence of secure path to destination Each intermediate node stores the route pair (previous node + destination node) Each node signs the message so that the following node can check the validity of the previous node The destination node replies by sending its certificate to be used in transmission
Transmission

Routing path discovery packets (RDP) are encrypted using destinations public key at each intermediate node Each intermediate node stores the route pair (previous node + destination node) until route times out (no traffic for a specified period of time) Destination node replies to the first RDP received and all RDP:s with a shorter route path Once source node has received a reply to the RDP communication can begin, all encrypted using receivers public key
UNIT- V MOBILE COMPUTING 135

ARAN Evaluation
Pros: Secure as long as CA is not compromised Confidentiality guaranteed (public key encryption) Network structure not exposed (encrypted) Resistant to most attacks Cons: Extra memory required (each node stores routing pairs) Moderate processing overhead for encryption

UNIT- V MOBILE COMPUTING

136

SPAAR overview
Managed-hostile environment Security more important than performance Requires certificate server GPS used to determine location of nodes Nodes only accepts packets from valid neighbors (shared group-key is used to encrypt traffic) Location and velocity is sent in packets to aid routing performance (increases need for confidentiality) Nodes only forward packets if their location is closer to the destination than previous node. Messages encrypted twice (destination public key and group key between intermediate nodes)
UNIT- V MOBILE COMPUTING 137

SPAAR evaluation
Pros: Secure as long as CA is not compromised Confidentiality guaranteed (public key encryption) Network structure not exposed (encrypted) Resistant to most attacks Shortest geographical path Cons: Extra memory required (each node stores routing pairs) Heavy processing overhead for encryption Hardware demands (GPS)
UNIT- V MOBILE COMPUTING 138