(IJCSIS) International Journal of Computer Science and Information Security,Vol. 9, No. 2, 2011
Grid Formation and GHN Election
Any SPN has the privilege to contest for the grid head. ASPN starts sending ‘Hello’ messages to all the nodes within itshop limit. A hop limit is specified so as to keep a check on thenumber of nodes in a particular grid and also the density of datatraffic which will result due to this broadcasting of messages.The ‘Hello’ message contains the stability time of its senderand hop count. On receiving a ‘Hello’ message, any SPNwhich currently does not have a head checks if the sender’sstability is greater than its own stability. If it is the case itsimply stops broadcasting its own ‘Hello’ messages and startsbroadcasting the newly received message to all the nodes in itshop limit range after storing the stability of the sender as the‘GHN stability’. If not, it simply discards the message andcontinues to broadcast its own ‘Hello’ message. After findingthe GHN, it sends ‘Grid join’ message to GHN. If a SPN nodeis currently functioning under a grid head and receives a‘Hello’ message, it checks to see if the sender’s stability ishigher than its head’s stability and if true, it starts broadcastingthe newly received ‘Hello’ message after storing the stability as‘GHN stability’. Any CN on receiving a ‘Hello’ messagesimply forwards it. All the nodes store the first two higheststability times that they have received through ‘Hello’messages. The node with the second highest stability isappointed as the’ Secondary head’ of the grid. Any node whichgets elected as the GHN should periodically send ‘Hello’messages to all the other nodes and if it fails to do so, it is notconsidered to be alive by the other nodes and a reelection takesplace.
Any SPN joining a grid submits resource parameters,stability, position, type of service, service cost, etc to the GHN.A CN while requesting for a service states the type of servicerequired and cost. The GHN maintains a Grid MaintenanceTable (GMT), where in it stores the status of all the SPNsunder it- their service parameters and their availability. Onfinding a suitable SPN for the service, it refers the SPN id tothe requesting CN and assigns a job id to this service. The CNthen sends a ‘Service me’ message to the allotted SPN which inturn completes the service and sends a ‘Done’ message to theCN and a ‘Comp’ message to the GHN indicating thecompletion of its assigned task. The CN sends an ‘ACK’message to the GHN, acknowledging that it got the servicecompleted by the SPN. The GHN now updates the SPN’sstatus in the GMT. However, if an appropriate SPN isunavailable at a particular instant for a CN, it sends a servicedenial message prompting the CN to try later for the servicerequest.
Intrusions in Application Layer
In the paper, two probable intrusions in the applicationlayer - grid head which itself is found to be malicious andmisbehaving service provider nodes are considered.1)
A GHN sends a service busy / servicedenial message when to a requesting CN if it does not find asuitable SPN. The CN keeps track of the count of the BUSYmessages sent by the GHN. Once it exceeds a predefinedthreshold limit, the CN reports a ‘Bad Head’ message to thesecondary head. Every time a service is being allotted to a SPNto a GHN, the SPN immediately sends ‘busy’ message to thesecondary head. Similarly after the successful completion of service, the CN sends a ‘complete’ message to the secondaryhead. Thus the secondary head maintains the list of SPNswhich are busy. When the secondary head receives the ‘BadHead’ message from a CN, it checks if the SPNs are actuallybusy. If not, it generates a ‘Ban’ message and broadcasts to allthe nodes. On receiving this message, all the nodes discard thatnode and no longer have it as their GHN and add that node’saddress to a list of banned nodes that they maintain after whicha reelection takes place for contention to become the new gridhead.2)
After being allotted a specific SPNfor its service, a CN sends a ‘service me’ message to the SPN.A malicious SPN on receiving this message does only half theservice required and reports completion of the service to boththe GHN and the CN. On discovering that the service was notfully completed, the SPN generates a report to the GHN statingthe essential parameters like the SPN’s id, job id, etc. The GHNincrements its report count for the particular SPN node andwaits till the count reaches a particular predefined limit afterwhich it checks the coalitions against the reported node. If ithappens to be a winning coalition the GHN adds the SPN to thelist of banned nodes and broadcasts the message on to all othernodes in the network.
Intrusions in Network Layer
In the network layer, two highly probable intrusions –flooding and flow disruption caused by malicious nodes areproposed. Both of these intrusions are detected by the othernodes and a coalition is formed to report the intruder.1)
A malicious node starts sendinginnumerable route request/route discovery message to all theother nodes exhaustively. This affects the network bandwidthadversely and paralyses the network. This is resolved by usingparameters like no. of control packets expected and received.For a certain time interval, the total no: of control packetsreceived is counted and checked with the threshold limit. If it isexceeded then GHN is notified of the possibility of the attack.Grid Head then forms the coalition, calculates the attack value,checks whether it is a winning coalition and finds an intrusion.2)
Flow disruption attack:
A malicious node targets a routebetween a particular source and destination node and startssending junk route discovery messages to all the nodes in thatparticular route. Certain nodes are randomly identified as thetarget nodes by the attacker nodes. These attacker nodes are afew among the nodes which route data packets from and to thetarget nodes. When the ACK messages for the target nodesreach the attackers, they drop the packets instead of forwardingthem. This causes the route between the particular source anddestination to be broken thereby disrupting the flow between apair of targeted nodes. After a stipulated waiting time, thetarget nodes report to its grid head. On receiving the report, thegrid head carries out the similar processing of checking forcoalitions and spotting a winning coalition.
218 http://sites.google.com/site/ijcsis/ISSN 1947-5500