
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/251348964

Erratum to: Trust-Based Routing Mechanism in MANET: Design and Implementation

Article in Mobile Networks and Applications · October 2011

DOI: 10.1007/s11036-011-0328-0


4 authors:

Tameem Eissa, Greenbone Network
Shukor Abd Razak, Universiti Teknologi Malaysia
Rashid Hafeez Khokhar, Universiti Teknologi Malaysia
Normalia Samian, Universiti Putra Malaysia


All content following this page was uploaded by Normalia Samian on 19 June 2014.



Mobile Netw Appl (2013) 18:666–677
DOI 10.1007/s11036-011-0328-0

Trust-Based Routing Mechanism in MANET: Design and Implementation

Tameem Eissa & Shukor Abdul Razak & Rashid Hafeez Khokhar & Normalia Samian

Published online: 18 June 2011

© Springer Science+Business Media, LLC 2011

Abstract Mobile Ad hoc Network (MANET) is a self-organizing wireless network for mobile devices. It does not require any fixed infrastructure to be configured which makes it more suitable to be used in environments that require on-the-fly setup. This paper discusses the challenging issues in MANET routing security. It presents FrAODV, a trust-based scheme for securing AODV routing protocol in MANET using the friendship mechanism. The nodes can evaluate the routing paths according to some selected features (such as node reputation and identity information) before forwarding the data through these routes. We have used two types of implementation in our scheme, simulation (using NS2) and real test-bed (using JADHOC). This scheme is believed to provide a robust environment where MANET nodes can trust each other in a secure community.

Keywords mobile ad hoc network · security · trust feature

T. Eissa · S. Abdul Razak (*) · R. H. Khokhar · N. Samian
Universiti Putra Malaysia, Selangor, Malaysia
e-mail: sabdrazak@gmail.com

1 Introduction

Infrastructure networks are not suitable in environments where resource-limited devices are connected through weak wireless links. In this case, the network should be able to set up on-the-fly without the aid of any administrator or manager. MANET is one solution for such environments. It is a self-organizing and self-configuring network. It is established on a temporary basis and nodes can join or leave the network at any time. For example, new nodes can quickly join or leave the network in a conference room, battlefield or fire operation area. The lack of infrastructure and the mobility features of MANET make the routing security process a difficult task. MANET is vulnerable to many routing attacks such as the redirection attack, where a malicious node sends forged Rrep (Route Reply) messages with high destination sequence numbers [1]. The source node chooses the routes with the highest destination sequence numbers and discards the other routes. All data sent by the source node will be directed through these routes towards the malicious node which in turn drops this data instead of forwarding it [1]. Another well-known routing attack is the rushing attack, which usually happens in reactive routing protocols where each node considers just the first route discovery packet that it receives and discards the others [2]. In this attack, malicious nodes rush route requests towards the destination which will consider these requests and ignore the others. The destination node then replies to these requests. As a result, all source and destination traffic will go through the malicious nodes [2].

Many researchers have proposed different methods to secure the routing protocols. In this research, we focus on securing AODV routing protocol. SAODV protocol has been proposed to secure AODV [3], in which both AODV messages (Rreq, Rrep) and the mutable information (hop count, hash value) are included in the protection mechanism. Each node signs Rreq and Rrep message after reducing the hop count and the hash value fields, in which these fields are changed in every hop. The signing process is accomplished by using asymmetric cryptography. SAODV can defend against black hole attack [4]. However, it cannot defend against worm-hole attack [5], hop-count altering attack and routing messages dropping attack.

In this paper, friendship based AODV routing protocol has been implemented in a simulation mode (using NS2) and real test-bed (using JADHOC framework). Some trust

features are identified to evaluate the node friendship in the network. A friendship mechanism algorithm is constructed to secure AODV routing protocol. This paper is organized as follows: Section 2 describes some preliminaries about MANET and trust concept. Section 3 presents our proposed FrAODV scheme. The performance evaluation of our proposed scheme for simulation and real test-bed scenario are presented in Section 4. The paper is concluded with suggestions for future work in Section 5.

2 Preliminaries

2.1 Security in MANET

Flexibility, low cost, and ease of deployment are the main characteristics of MANET. Early development of MANET routing protocols (such as DSR [6], DSDV [7] and AODV [8]) did not consider important security issues. These highly dynamic routing protocols have no clear line of defence. As a result, malicious attackers can disrupt the functionality of a MANET. Recently, many MANET security protocols have been designed to address one or more attacks [9–14], yet no protocol has proven secure against all attackers. Currently, researchers are investigating different MANET security issues which include secure routing, privacy-aware routing, group membership control, key distribution, intrusion detection and response systems, and DOS attacks.

The use of threshold cryptography for MANET security was suggested in [9]. The basic idea was to distribute the trust among MANET nodes such that no less than a certain threshold of nodes is trusted. In this approach, the key element is the distributed Certification Authority (CA) which issues certificates to those nodes joining the network. The authors used a threshold signature protocol [15] to issue certificates. This approach is attractive, but cannot directly be implemented on MANET node admission. The approach is hierarchical in the sense that it only selects nodes that can serve as components of the CA, i.e., take part in admission decisions. Also, contacting distributed CA nodes in a multi-hop, dynamic MANET is not always possible.

Buttyan and Hubaux [10] proposed to stimulate packet forwarding by remunerating intermediate forwarding nodes with some credits paid by the source. Similarly, a Secure Incentive Protocol (SIP) is proposed in [16] to motivate packet forwarding in totally self organizing MANETs without relying on any centralized infrastructure. In SIP, each node imprints a non-forged stamp on each packet forwarded as the proof of forwarding, based on which packet relays are remunerated, while packet sources and destinations are charged with appropriate credits. SIP differs from [10] in many aspects such as the source-controlled session-based approach, the novel identifier-based session key establishment, and its flexibility and adaptability to network dynamics (e.g., the asymmetric payment model). It is, however, by no means an easy task to implement SIP in a secure, efficient manner. For example, the introduction of credits may serve not only as an incentive for cooperation, but also as a stimulus for cheating. In addition, as an add-on, any incentive scheme like SIP should be efficient and lightweight enough not to disturb other normal network functions such as routing. Zhou et al. [9] developed a credit-based collusion-resistant scheme to address node selfishness, but their approach requires a centralized credit clearance service on the backbone network, which may undermine the self-organizing, decentralized nature of MANETs.

In another work, Hu and Perrig [2] proposed a new secure on-demand ad hoc network routing protocol, called Ariadne. Ariadne prevents malicious nodes from tampering with uncompromised routes consisting of uncompromised nodes, and also prevents many types of Denial-of-Service attacks. Ariadne used only highly efficient symmetric cryptographic primitives. However, their role of defending attacks is very limited, because schemes located in a single protocol layer cannot solve problems in other layers. Moreover, security attacks in a network may come simultaneously from different protocol layers. Thus, a multi-protocol layer security scheme is desired for network protocols. SCAN [13] presents a network-layer security solution that protects the control-plane (i.e., ad hoc routing) and the data-plane (i.e., packet forwarding) operations in a unified framework. It does not apply any cryptographic primitives on the routing messages. Instead, it protects routing and packet forwarding through the same reactive approach, in which local neighbouring nodes collaboratively sustain each other, monitor each other, and react to occasional attacks in their vicinity. Kong et al. [11] proposed a set of ubiquitous and robust admission protocols by considering the same problem. The security of these admission mechanisms relies upon a special variant of the proactive threshold RSA signature scheme. Unfortunately, this scheme is neither robust (i.e., it cannot tolerate malicious nodes) nor secure. Also, Saxena et al. [17] claim that all attempts to construct secure MANET admission protocols from secure threshold/proactive RSA signature schemes have failed. Recently, Saxena et al. [18] also proposed an admission protocol for short-lived MANET which is based on secret sharing techniques using bivariate polynomials. They also presented a scheme that allows any pair of MANET nodes to efficiently establish an on-the-fly secure communication channel.

Zapata and Asokan [3] proposed Secure AODV (SAODV) using digital signature to authenticate most fields of RREQ and RREP, and hash chain is used to authenticate

hop count. Network nodes authenticate AODV routing packets with an extension of SAODV digital signature to prevent certain malicious attacks. SAODV provides reasonable security in AODV routing protocol, however, SAODV relies on digital signatures and computing such signatures on resource constrained nodes is expensive. Furthermore, SAODV cannot protect against invalid routes, because an authenticated malicious attacker node that happens to be on a route between the source and destination may pass on the routing message without updating routing information.

Papadimitratos and Haas proposed Secure Routing Protocol (SRP) [19] to provide end-to-end DSR security via an existing security association between the source and destination. SRP allows the destination to produce a keyed MAC over the received path sequence. The MAC is transmitted in the route reply packet that allows the source to verify the route reply has been approved by the target node. The authors of SRP provide a guided discussion on possible attacks and describe how SRP is secure if malicious attackers do not collude or work together. SRP provides further route security in the presence of non-colluding attackers by using BAN logic method [20]. However, Marshall et al. [18] described an attack in which a malicious attacker does not append itself to the accumulated route path during route discovery and subsequently relays the signed route reply, proving that the BAN claim is false. An additional attack against SRP is presented in [21]. This attack was discovered via visual inspection after simulatability models indicated SRP is not provably secure.

Yi et al. [22] designed Security-Aware ad hoc Routing (SAR) protocol which is derived from AODV routing protocol and based on the hierarchical trust values metric and authentication. In SAR, the authors defined a new metric called trust value that governs routing protocol behaviour. This metric is to be embedded into control packets to mirror the minimum trust value required by the sender. As a result, the received packet cannot be processed or forwarded to next hop until it provides the essential trust level entrusted to the packet. SAR prevents attacks from an internal node on a higher trust level and shows better security as compared to previous routing protocols. However, defining the nodes’ trust values is problematic if there is no hierarchy in the network. Also, to secure the scheme, the authors suggest that all nodes at the same level of trust should share a common secret. This is not very practical, and has many key-management issues.

Sanzgiri et al. [1] proposed an AODV based authenticated routing for ad hoc networks (ARAN). In ARAN, each node has a certificate signed by a trusted authority, which associates its IP address with a public key. ARAN is an on-demand protocol, broken up into route discovery and maintenance. Because ARAN uses public-key cryptography for authentication, it is particularly vulnerable to DoS attacks based on flooding the network with bogus control packets for which signature verifications are required. As long as a node can’t verify signatures at line speed, an attacker can force that node to discard some fraction of the control packets it receives. In another attempt, Carter and Yasinsac [23] proposed a Secure Position Aided Ad hoc Routing (SPAAR) protocol for a high-risk MANET environment. SPAAR is designed to fulfil the security requirements of the managed hostile environment. SPAAR protects position information with authentication, privacy, and integrity via cryptographic techniques. However, SPAAR is an anonymous on-demand protocol that requires online location servers.

A Secure Link-State Protocol (SLSR) proposed in [24] used digital signatures and one-way hash chains to ensure the security of link-state updates. SLSR is a periodic protocol that receives link state information through a periodic Neighbour Location Protocol (NLP). As a part of NLP, each node broadcasts a pair of signs between its IP and MAC addresses. A node’s NLP can notify SLSR when one MAC address uses two IP addresses, or two MAC addresses claim the same IP address, or another node uses the same MAC address as the detecting node. These protocols ensure some level of integrity of MAC and IP addresses within a two-hop radius. SLSR uses the same lightweight flooding prevention mechanism as SRP, wherein nodes that relay or generate fewer link-state updates are given priority over any node that sends more link-state updates. As in SRP, an attacker can masquerade as a victim node and flood the victim’s neighbours with link-state updates that appear to originate at the victim. Although the victim might be able to detect the attack, due to NLP’s duplicate MAC address detection functionality, the victim will have no way to protest. A brief survey of security techniques in MANET Routing can be found in [25].

2.2 Trust-based security schemes in MANET

The traditional cryptography schemes that provide authentication and data privacy do not detect when an internal node provides false routing information, or where a node does not cooperate with the other nodes to save its resources. There should be another layer of security that detects such misbehaviour. This layer is based on trust concept. This concept was first proposed in [26]. It is based on the way that human beings trust each other. When a person wants to verify another person, he usually asks his friends about this person. He also asks this person to provide him with the list of reference people who will be asked if he is to be trusted. In the same way, when a node S wants to verify another node D, the first

step, S requests recommendations from the list of trusted entities (friends). This request implies a question to each entity in the list about the identity of D. Each entity answers yes (trusted) or no (un-trusted). Any entity that does not find D in its friends list forwards the request to its trusted entities list (Recommendation list). If any entity of the friends list or the recommendation list knows D and trusts him, information about D is sent back to S. In the next step, node S will ask D about the references, i.e. other entities with which he has communicated before. When S receives D references, he asks his friends list if they know these references and trust them. S also may ask the references for references (References chain, [27]). The authors of [28–30] also proposed to use the trust concept to evaluate the nodes in MANET.

2.3 Features selection in trust-based security schemes

A good features selection scheme plays an important role in creating a trust-based MANET community. Features actually represent the characteristics or evidence properties of each node in the network. We had made a set of comparative studies on several features selection schemes in our previous work [31]. In general, feature based schemes can be divided into 2 categories including performance metrics evaluation and quantitative trust value. In the category of performance metrics evaluation, the efficiency of selected features is evaluated by using certain metrics such as routing traffic, route discovery time, routing overhead and number of data packets delivery. For instance, each feature contains its own corresponding attribute number that will be presented during packet forwarding process [32]. When a source node wants to forward a packet to its destination, it will ask its neighbouring nodes to present their feature’s attribute number for checking. If the neighbouring nodes manage to present an attribute number that fulfills the source node’s requirement, the attribute number will be embedded in the packet format and the node is granted to forward the packet to other neighbouring nodes before reaching the required destination. The effectiveness of packet forwarding process based on selected features is measured using performance metrics such as Encryption / Key, Hardware Configuration, Battery Power, Credit History/ACK, Exposure, Organization Hierarchy, Identity, and Location.

On the other hand, the quantitative trust value category represents the method of evaluating trust features by using certain mathematical functions or equations. Each feature has its own trust value metric that can be assigned based on one’s judgment for a specific application. At present, there is no standard to determine value metrics. The values are determined based on intuitive decisions. The features’ trust value metrics are computed in a formulated equation and the output will be used to determine whether a node can be trusted or vice versa. According to recent research [32, 33], there are eight features which can be considered for performance metrics evaluation and ten features for quantitative trust value. Three features that are not very useful for both categories are battery power, credit history or acknowledgement and identity which were proposed in [28, 32]. The other frequently used potential selected feature is encryption or key type which falls under the performance metrics evaluation category [28, 32, 34]. The remaining expected suitable features are trust value metric, packet precision and blacklist [33, 34].

In this paper, we have considered 3 features to represent each node in our MANET environment which includes trust value metric, packet precision and blacklists. As aforementioned in [31], the selection of these features is based on the justification that they have been frequently used in the previous six research works [28, 32–36]. However, these features are subject to change after an emulation process has been carried out, which may give results on the suitability of the features used. The remaining unselected features are not discarded but are reserved for later deployment, for example, in case the current selected features are found to have weaknesses.

3 Our scheme

Fig. 1 Overview of friendship routing protocol. H and M indicate honest network node and malicious node, respectively. S and D indicate the source and destination node, respectively

In this section, we present our friendship-based framework proposed to secure AODV (Fig. 1). Two algorithms (FwEvaluate and RvEvaluate) are used to evaluate the

forward and reverse routes respectively in AODV protocol. We assume that each node has identity information that cannot be forged by malicious nodes. This Identity information can be some type of smart card provided in the initialization phase. For simplicity, we use IP and MAC addresses. The friends list is created in the initialization phase and distributed (offline) to the devices. We also assume that the number of malicious nodes is less than the number of good nodes.

3.1 Friendship-based AODV routing protocol (FrAODV)

In the proposed scheme, each node keeps a list of friends and the friendship value of these friends. The friendship values are represented as numbers ranging from 0 to 100. The bigger the number, the more it trusts in that node. Two algorithms are used to build up trusted routes in AODV protocol:

• RvEvaluate algorithm

This algorithm builds up trusted reverse route from the destination and intermediate nodes to the originator node.

Fig. 2 RvEvaluate algorithms (flowchart of the steps taken on receiving a new RREQ)

Figure 2 shows RvEvaluate algorithm and the explanation is as follows:

• The source node broadcasts RREQ as in the original AODV protocol.
• When any node receives RREQ, we have the following two cases:

1. If the current node is the final destination, it evaluates the friendship of the previous hop, and if this is not a friend it rejects the request. Otherwise it evaluates the friendship of the reverse route from the destination to the originator node by comparing its friendship value with the current route's friendship value. The friendship value of the reverse route is calculated as:

$$\mathrm{RvFrRte} = \frac{\sum_{i=1}^{h} \mathrm{PrFrHp}_i}{h}$$

where $\mathrm{PrFrHp}_i$ is the friendship value of previous hop i, h is the number of hops from the



destination node to the originator node. Then, it compares it with the friendship value of the existing route. If it’s less, it simply rejects the new route. Otherwise, it registers the new route as the best friendly reverse route received up to now.

2. If the current node is an intermediate node, it evaluates the friendship of the previous and the next hop and if one of these hops is not a friend, it rejects the request. Otherwise it creates a reverse route from the current node to the originator node and evaluates it as in the previous step.

• FwEvaluate algorithm

This algorithm builds up trusted forward routes from the source and intermediate nodes to the final destination node. Figure 3 shows FwEvaluate algorithm and the explanation is as follows:

• The final destination node generates RREP messages according to the received RREQ message and sends them to the previous node as in the original AODV protocol.
• When any node receives RREP, we have the following two cases:

1. If the current node is the originator node, it evaluates the friendship of the next hop and if this is not a friend, it rejects the request. Otherwise it evaluates the friendship of the forward route from the originator node to the final destination node by comparing its friendship value with the current route's friendship value. The friendship value of the forward route is calculated as:

$$\mathrm{FwFrRte} = \frac{\sum_{i=1}^{h} \mathrm{FwFrHp}_i}{h}$$

where $\mathrm{FwFrHp}_i$ is the friendship value of next hop i, h is the number of intermediate hops from the originator node to the destination node. Then, it compares it with the friendship value of the existing route. If it’s less, it simply rejects the new route. Otherwise, it registers the new route as the best friendly forward route received up to now.

2. If the current node is an intermediate node, it evaluates the friendship of the previous and the next hop and if one of these hops is not a friend, it rejects the request. Otherwise it creates a forward route from the current node to the destination node and evaluates it as in the previous step.

3.1.1 Example

Let’s have a look at the following example where node A wants to create a route to node D. From Fig. 4, it can be seen that the friend value of the route A→B→D is:

$$(\mathrm{Fr}(A \to B) + \mathrm{Fr}(B \to D))/2 = (8 + 8)/2 = 8$$

While the friend value of the route A→C→D is

$$(\mathrm{Fr}(A \to C) + \mathrm{Fr}(C \to D))/2 = (10 + 10)/2 = 10$$

As a result, A chooses route A→C→D since it has more friendship value than route A→B→D.

3.2 Friendship evaluation in FrAODV

The evaluation of any node depends on the friend’s value appended to that node. The more friend value a node has the more trustworthiness it is granted. However, when this value is less than a specific threshold called Threshold Friendship (TF), the node is considered untrusted. As a result, all communication coming from that node is blocked. The TF value can be chosen by the network designer according to the scenario. When a node is blocked, all the Rreq and Rrep messages coming from or going to that node are rejected.

3.3 Node authentication in FrAODV scheme

Mobility is achieved through a list of rules that are dynamically issued to the appropriate test-bed notebooks, changing their configuration in a controlled way. The IP and MAC addresses have been used as an identity to check the friend’s authentication.

• Logical Address authentication

The first task of a new node is to associate itself with a Friendly MANET node. Thus, the new node listens for hello messages and selects one configuring node. Then, a hello message is created and transmitted in order to request address configuration from the selected configuring node. If an IP address is not available, the MAC address of the new node must be checked in order to uniquely identify the new node. Upon receiving a hello message, the configuring node assigns a local address to the new node, and signals this assignment through another hello message. Additionally, the configuring node marks the assigned address as used in its hello messages.

• Physical Address authentication

MAC address has been used as a second identity in our friendship mechanism that works by discriminating against

certain traffic at Layer 2. By specifying which node (by their MAC addresses) can communicate directly (friends) or which node cannot (blacklist) certain one hop routes can be individually discarded or accepted. In case of friend node, it is the data packet to be passed up to next node which decides the next best hop based on the friendship value. MAC address provides extra security between mobile nodes, where in a real MANET the association would occur between wireless cells. Specifically, the MAC address of the mobile node has to be accepted by its new neighbouring nodes as well as the mobile node accepting the MAC address of its new neighbours. Through the proposed friendship mechanism, the initial topology can be specified by selecting node-to-node associations. To realize mobility, each time node is mobile and disassociated from its current neighbours. The next node that it wishes to associate with is set through friendship value. Once a scenario has been created, running the scenario causes the nodes to remotely connect to the relevant nodes and dynamically exchange their friendship value.

Fig. 3 FwEvaluate algorithm (flowchart of the steps taken on receiving a new RREP)
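The route evaluation of Section 3.1 and the TF check of Section 3.2, as an added example in Python (not the authors' NS2 or JADHOC code). It assumes each RREQ/RREP carries the friendship values of the hops it has already crossed (the `carried` list) and a TF of 5; the `Node` class and its method names are hypothetical.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


def route_friendship(hop_values: List[float]) -> float:
    """RvFrRte / FwFrRte: mean of the per-hop friendship values over h hops."""
    if not hop_values:
        raise ValueError("a route needs at least one hop")
    return sum(hop_values) / len(hop_values)


@dataclass
class Node:
    name: str
    friends: Dict[str, float]   # friends list: neighbour id -> friendship value (0..100)
    tf: float                   # Threshold Friendship (TF); the value used is an assumption
    routes: Dict[str, Tuple[str, float]] = field(default_factory=dict)

    def is_friend(self, other: Optional[str]) -> bool:
        # Nodes missing from the friends list and friends below TF are untrusted.
        return other in self.friends and self.friends[other] >= self.tf

    def _evaluate(self, target, via, carried, other_side):
        # 1. Adjacent-hop check: an intermediate node checks both neighbours,
        #    an end node (other_side is None) only the hop the message came from.
        adjacent = [via] if other_side is None else [via, other_side]
        for hop in adjacent:
            if not self.is_friend(hop):
                return False, f"{hop} is not a friend"
        # 2. Route value: hops already evaluated (assumed to travel in the
        #    message) plus this node's own friendship value for the adjacent hop.
        value = route_friendship(list(carried) + [self.friends[via]])
        # 3. Reject only if the new route is less friendly than the stored one.
        current = self.routes.get(target)
        if current is not None and value < current[1]:
            return False, f"less friendly than route via {current[0]}"
        self.routes[target] = (via, value)
        return True, f"registered via {via} with value {value:g}"

    def rv_evaluate(self, originator, prev_hop, carried, next_hop=None):
        """RREQ received: build the reverse route towards the originator."""
        return self._evaluate(originator, prev_hop, carried, next_hop)

    def fw_evaluate(self, destination, next_hop, carried, prev_hop=None):
        """RREP received: build the forward route towards the destination."""
        return self._evaluate(destination, next_hop, carried, prev_hop)


def demo():
    # Constructed friends lists; 8 and 10 are the values of the page's example.
    a = Node("A", {"B": 8, "C": 10, "E": 3}, tf=5)
    b = Node("B", {"A": 8, "D": 8}, tf=5)
    results = {
        # Intermediate node B handles A's RREQ: previous hop A, next hop D.
        "B_rreq": b.rv_evaluate("A", prev_hop="A", carried=[], next_hop="D"),
        # B refuses to relay when the neighbour on the other side (M) is unknown.
        "B_rreq_M": b.rv_evaluate("A", prev_hop="A", carried=[], next_hop="M"),
        # Originator A receives RREPs for D; each carries Fr(X -> D).
        "via_B": a.fw_evaluate("D", next_hop="B", carried=[8]),
        "via_C": a.fw_evaluate("D", next_hop="C", carried=[10]),
        "via_B_again": a.fw_evaluate("D", next_hop="B", carried=[8]),
        # Forged high values do not help a sender outside the friends list ...
        "via_M": a.fw_evaluate("D", next_hop="M", carried=[100]),
        # ... nor a listed friend whose value is below TF.
        "via_E": a.fw_evaluate("D", next_hop="E", carried=[100]),
    }
    return a.routes, results


if __name__ == "__main__":
    routes, results = demo()
    for step, (ok, why) in results.items():
        print(f"{step:12} {'ACCEPT' if ok else 'REJECT'}  {why}")
    print("A's route to D:", routes["D"])
```

In this sketch the carried values are taken at face value, so the adjacent-hop check against the friends list and TF is what keeps an unknown or blocked sender from winning route selection with inflated numbers.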

Fig. 4 Example on the scheme friendship mechanism

4 Performance evaluation

Our implementation includes two separate parts, simulation and test-bed. The simulation has been done to compare the

Fig. 5 Packet delivery fraction for three AODV implementations Fig. 7 Normalized routing load for three AODV implementations
under malicious attacks (100 m×100 m) under malicious attacks (100 m×100 m)

proposed scheme with the other existing schemes and test- AODV: original AODV routing protocol, AODV with
bed implementation is done by using a real-world scenario friendships mechanism without trust features and AODV
setup. with friendships mechanism that is enhanced with trust
features. The performance of the proposed mechanism is
4.1 Performance evaluation with existing schemes evaluated using packet delivery fraction (PDF) and nor-
malized routing load (NRL). PDF derives the ratio of
A simulation experiment has been done to evaluate the received data packets over sent packets delivered to the
friendships mechanism with plugged-in trust features. The destinations [37]. It is a measurement of a protocol’s
simulation is run on AODV routing protocol by using NS-2. For all simulations, the same movement models will be used where the number of mobile nodes involved is 100, the simulation time is 250 s, the pause time is varied as 0, 50, 100, 150, 200 and 250 s, and the network boundaries are set to 100 m×100 m and 1000 m×1000 m areas. The purpose of having two different sets of network boundaries is to determine how the proposed mechanism performs in the most dense and less dense areas. The test was carried out on 100 m × 100 m network size with 100 mobile nodes involved. Some malicious attacks have been launched to see how well the proposed mechanism sustains the AODV routing protocol under such attacks. Performance comparison will be made between three implementations on

successfulness delivering packets from source to destination, also known as the throughput of a network. The higher percentage value of PDF obtained denotes the better network throughput performance of a routing protocol. Meanwhile, NRL is the ratio of the number of control packets (routing packets) broadcast by every node in the network and the number of data packets received by the destination nodes [38]. A lower NRL indicates that a routing protocol is more efficient, as fewer unnecessary control packets have been propagated in the network in comparison to the data packets received at destination.

The PDF comparison for the three AODV implementations in 100 m×100 m is illustrated in Fig. 5. From the graph, it can be seen that under malicious attacks, the implementation of proposed friendships mechanism with trust features on AODV outperforms the other two AODV implementations by approximately 10% at each interval of nodes’ mobility pause time. On the other hand, the other two parameters achieved percentages of PDF in the same

[Figure: Packet Delivery Fraction (PDF), PDF (%) versus Pause Time (seconds). Series: AODV-Malicious Attacks; AODV-Friendships Mechanism (Malicious Attacks); AODV-Friendships Mechanism with Trust features (Malicious Attacks)]

Fig. 6 Packet delivery fraction for three AODV implementations under malicious attacks (1000 m×1000 m)

Fig. 8 Friendship mechanism test-bed setup
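The PDF and NRL metrics described above can be computed directly from an NS-2 trace; the following is an added example, not code from the paper. It assumes NS-2's old wireless trace format and CBR data traffic (the paper specifies neither), and the abbreviated sample trace is constructed, with node 2 discarding the data packets it should forward.

```python
from collections import Counter

# Constructed, abbreviated sample in NS-2's old wireless trace format
# (not data from the paper). Columns: event time _node_ layer
# flags/reason pkt_id type size ...
SAMPLE_TRACE = """\
s 1.0000 _0_ AGT --- 0 cbr 512 [0 0 0 0] ------- [0:0 3:0 32 0] [0] 0 0
s 1.0001 _0_ RTR --- 1 AODV 48 [0 0 0 0] ------- [0:255 -1:255 30 0] (REQUEST)
r 1.0012 _1_ RTR --- 1 AODV 48 [0 ffffffff 0 800] ------- [0:255 -1:255 30 0] (REQUEST)
f 1.0020 _1_ RTR --- 1 AODV 48 [0 ffffffff 0 800] ------- [1:255 -1:255 29 0] (REQUEST)
f 1.0021 _2_ RTR --- 1 AODV 48 [0 ffffffff 0 800] ------- [2:255 -1:255 29 0] (REQUEST)
s 1.0040 _3_ RTR --- 2 AODV 44 [0 0 0 0] ------- [3:255 0:255 30 1] (REPLY)
f 1.0050 _1_ RTR --- 2 AODV 44 [13a 1 3 800] ------- [3:255 0:255 29 0] (REPLY)
s 1.0060 _0_ MAC --- 0 cbr 570 [13a 1 0 800] ------- [0:0 3:0 30 1] [0] 0 0
r 1.0100 _3_ AGT --- 0 cbr 512 [13a 3 1 800] ------- [0:0 3:0 29 3] [0] 2 0
s 2.0000 _0_ AGT --- 3 cbr 512 [0 0 0 0] ------- [0:0 3:0 32 0] [1] 0 0
r 2.0100 _3_ AGT --- 3 cbr 512 [13a 3 1 800] ------- [0:0 3:0 29 3] [1] 2 0
s 3.0000 _0_ AGT --- 4 cbr 512 [0 0 0 0] ------- [0:0 3:0 32 0] [2] 0 0
D 3.0050 _2_ RTR NRTE 4 cbr 532 [13a 2 0 800] ------- [0:0 3:0 30 2] [2] 0 0
s 4.0000 _0_ AGT --- 5 cbr 512 [0 0 0 0] ------- [0:0 3:0 32 0] [3] 0 0
D 4.0050 _2_ RTR NRTE 5 cbr 532 [13a 2 0 800] ------- [0:0 3:0 30 2] [3] 0 0
"""


def routing_metrics(trace_text, data_type="cbr", routing_type="AODV"):
    """Return PDF (%), NRL and per-node data-packet drops for one trace."""
    sent = received = control = 0
    drops = Counter()
    for line in trace_text.splitlines():
        f = line.split()
        if len(f) < 7 or f[0] not in ("s", "r", "f", "D"):
            continue  # blank, movement or truncated record
        event, node, layer, ptype = f[0], int(f[2].strip("_")), f[3], f[6]
        if layer == "AGT" and ptype == data_type:
            sent += event == "s"       # data packets handed to the network
            received += event == "r"   # data packets delivered to the sink
        elif layer == "RTR" and ptype == routing_type and event in ("s", "f"):
            # Assumption: "broadcast by every node" is read as routing
            # packets originated or forwarded at the routing layer.
            control += 1
        if event == "D" and ptype == data_type:
            drops[node] += 1           # node that discarded the data packet
    pdf = 100.0 * received / sent if sent else 0.0
    nrl = control / received if received else float("inf")
    return {"sent": sent, "received": received, "control": control,
            "pdf": pdf, "nrl": nrl, "drops": dict(drops)}


if __name__ == "__main__":
    print(routing_metrics(SAMPLE_TRACE))
```

In the constructed trace half of the data packets never reach the sink and every drop is attributed to node 2, which is the pattern a lower PDF under packet-dropping nodes reflects.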

Table 1 Node hardware specifications

Model                  Processor  RAM     Wireless card
HP 520                 2.0 GHz    1 GB    Intel(R) PRO/Wireless 3945ABG Network Connection
HP Pavilion dv2000     2.0 GHz    3 GB    Intel(R) Wireless WiFi Link 4965AGN
HP Pavilion dv2000     2.0 GHz    3 GB    Intel(R) Wireless WiFi Link 4965AGN
Fujitsu Siemens        1.73 GHz   510 MB  Intel(R) PRO/Wireless 2200 GB Network Connection
HP Pavilion (Desktop)  2.20 GHz   2 GB    Linksys Wireless-G PCI Adapter

vicinity with each other at about 75%. The performances of the two AODV implementations are in such a way because the malicious nodes have not been excluded earlier, and that causes them to successfully carry out malicious activities. As a result, fewer data packets are received than sent as many have been dropped by malicious nodes.

Different output patterns have been exhibited after a simulation ran in a 1000 m×1000 m area as shown in Fig. 6. At high mobility level, the performance of the AODV implementation with trust features is lower than the original AODV. This is because the number of total trust relationships gained for this terrain size is smaller than the one obtained in the smaller area, leading to a smaller number of cooperation among friends. Thus, at high mobility level where nodes’ movements are more frequent, more cooperative friends are needed to increase PDF performance. However, the PDF performance is increasing when the mobility level is decreasing, outperforming the original AODV.

The results of routing load achieved for the three AODV implementations in 100 m×100 m area are as illustrated in Fig. 7. The graph shows that the proposed AODV implementation with trust features acquired relatively lower routing loads at all pause times, whereas the remaining two AODV implementations gained higher routing loads. The result proves the hypothesis that fewer control (routing) packets have been broadcast in the network due to the malicious nodes having been restricted from doing so with the implementation of trust features in AODV.

4.2 Performance evaluation in real test-bed implementation

In order to do the experimental performance analysis of friendship based AODV networks, the experimental test-bed as illustrated in Fig. 8 was constructed. The experiment was conducted in the wireless communication lab at Universiti Teknologi Malaysia. The area was approximately 20 m by 8 m and during the experiments all 5 notebooks were placed in the same lab. The laptops have the following hardware and software configurations.

• Hardware configurations
All the 5 nodes have the hardware specifications as outlined in Table 1.

• Software configurations
All notebooks have been installed with Windows XP. The WLAN interface of each notebook has been allocated a different IP address from a different sub network as shown in Fig. 7. Jadhoc prompts the user to start each test-bed node that will be used to aid the user in configuring the initial MANET topology. This MANET experiment specifically tries to emulate the hops that exist between neighbouring nodes and their mobility. By definition, the

Fig. 9 Scenario setup



two hop distance between nodes indicates that they are geographically separated in such a way that they are not able to communicate directly; instead they must communicate at the Network Layer, routing via an intermediary node. This separation is shown in Fig. 8 and highlights that the wireless cells have minimal interference with one another.

• Nodes Initialization
Each node should be from a different subnet. The gateway of each node should be the IP address of a node that does not exist. This will launch the route requests multicasting to all the nodes in range. For example, if the node IP address is 192.168.2.1/24, the gateway is set as: 192.168.2.100 (this IP address is virtual). The wireless network of each node should be configured to use the open mode.

4.3 Scenario setup

The environment used here consists of five nodes, each one provided by a wireless network interface as shown in Fig. 9. Each node is equipped with the following setup: Windows XP professional Version 5.1.2600 service pack 2, JDK version 1.4, JRE version 1.4, JPCAP version 0.4.4, and JADHOC version 0.2. The nodes’ hardware specifications are as shown in Table 1.

Fig. 10 Performance comparison of packet delivery ratio between friendship mechanism and Jadhoc (0.20)

Fig. 11 Friendship message activity

Fig. 12 Performance comparison of average time between friendship mechanism and Jadhoc (0.20)

• Experimental Results
This section provides the results of the performance analysis done on the basis of the scenarios and the tests described in the previous section. Varying the number of nodes can be accomplished in two basic ways. One is by varying field size, keeping node density constant. The other one is by keeping the field size constant and increasing the density. The experiments have been performed using both of these approaches. In all the simulated experiments, each node sent messages to random destinations at an average rate of one message per minute. The nodes sent messages for ten minutes, and then statistics were recorded one minute afterwards. One of the goals of this experiment is to determine how well it scales. How does our friendship mechanism performance vary with respect to the number of nodes in the network? Attempting to answer this question, we have conducted experiments by considering 3 scenarios including packet delivery ratio, friendship message activity, and average time. These scenarios are explained as follows:

• Packet Delivery Ratio
Average packet delivery ratio has been calculated using 10 different experiments. A 10 MB data packet has been sent with TTL=128 in each experiment. UDP actual load for given load of 10240 bps, out of order sequence packets are shown both for friendship mechanism and JAdhoc. Packet Delivery Ratio of both Friendship Mechanism and JAdhoc protocol handlers was found to be between 93% and 96%, and 98% to 100% respectively, as shown in Fig. 10. The loss of packets is due to the load caused by the security messages. The original JAdhoc version does not include any security messages. This justifies why PDR is higher in

the original JAdhoc than in our version. However, this loss does not have a critical effect on data communications among the nodes.

• Friendship Message Activity
Friendship message activity is calculated by varying the number of nodes. The total message activity has been computed as the total number of AODV messages sent and received at each node. It is important to count both sent and received messages, as they will generally differ, for not all sent messages are received, while some messages are received many times (broadcasts). Experiments were performed by varying nodes in the lab of range 20 m by 8 m. In all experiments, each node sent one message to particular destinations. The nodes sent messages 10 times, and then statistics were recorded for each second afterwards. In this experiment, friendship message activity has been calculated per node in a constant-density field. Nodes were initially arranged in a grid format with each node separated by 5 m. From Fig. 11, it is clear that the amount of message activity is increased each time more nodes are added to the network. With mobility, destinations can become unreachable, causing route error messages to be sent and routes to be removed. To create those routes again, new route requests need to be sent, resulting in the increased message activity.

• Average Time
Average time has been referred to in this experiment as the time taken by messages to travel from the source to the destination. The results show that the average time calculated in the proposed scheme is almost the same as the performance of the original JadHoc scheme. A small delay may happen due to the friendship messages transferring prior to sending data. However, the friendship security communication chosen in our system is lightweight and suitable for the limited resources of MANET. In other words, the security implementation that has been added to JadHoc does not cause significant delay for the messages to reach their destinations (Fig. 12).

5 Conclusion and future work

In this paper we have shown that our friendship based mechanism is a useful framework to secure AODV routing protocols in MANET. We also presented in detail the routing mechanism used to evaluate the nodes using the trust concepts. We have evaluated our proposed friendship based mechanism in a real test-bed using JADHOC framework. The results show that this approach is a promising way of securing AODV routing protocols. The future work of this research is to implement the proposed scheme in wireless PDA devices and perform the experiment in more mobility environments where nodes can move freely in a wide range of area (such as in forest or street). In future implementations, we should consider a high number of PDA nodes in the environment (at least 20 PDA devices) and evaluate the proposed scheme under this scenario.

Acknowledgment This research has been supported by the Ministry of Science, Technology and Innovation (MOSTI) Malaysia under E-Science Project vote No. 79261.

References

1. Sanzgiri K, Dahill B, Levine BN, Shields C, Belding-Royer EM A secure routing protocol for ad hoc networks. In Proceedings of the 10th IEEE International Conference on Network Protocols, ICNP ’02, pp 78–89, Washington, DC, USA, 2002. IEEE Computer Society
2. Hu Y-C, Perrig A, Johnson DB (2003) Rushing attacks and defense in wireless ad hoc network routing protocols. In Proceedings of the 2nd ACM workshop on Wireless security, WiSe ’03, pp 30–40, New York, NY, USA. ACM
3. Zapata MG, Asokan N (2002) Securing ad hoc routing protocols. In Proceedings of the 1st ACM workshop on Wireless security, WiSE ’02, pp 1–10, New York, NY, USA. ACM
4. Al-Shurman M, Yoo S-M, Park S (2004) Black hole attack in mobile ad hoc networks. In Proceedings of the 42nd annual Southeast regional conference, ACM-SE 42, pp 96–97, New York, NY, USA. ACM
5. Hu Y-C, Perrig A, Johnson DB (2003) Packet leashes: a defense against wormhole attacks in wireless networks. In INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications. IEEE Societies, volume 3, pp 1976–1986, march-3 April 2003
6. Johnson DB, Maltz DA (1996) Dynamic Source Routing in Ad Hoc Wireless Networks. Kluwer Academic Publishers
7. Perkins CE, Bhagwat P (1994) Highly dynamic destination-sequenced distance-vector routing (dsdv) for mobile computers. In Proceedings of the conference on Communications architectures, protocols and applications, SIGCOMM ’94, pp 234–244, New York, NY, USA. ACM
8. Perkins CE, Royer EM (1999) Ad-hoc on-demand distance vector routing. In Mobile Computing Systems and Applications, 1999. Proceedings. WMCSA ’99. Second IEEE Workshop on, pp 90–100, Feb 1999
9. Zhou L, Haas ZJ (1999) Securing ad hoc networks. Network, IEEE 13(6):24–30
10. Buttýan L, Hubaux J-P (2003) Stimulating cooperation in self-organizing mobile ad hoc networks. Mob Netw Appl 8:579–592
11. Kong J, Luo H, Xu K, Gu DL, Gerla M, Lu S (2002) Adaptive security for multilevel ad hoc networks
12. Hu Y-C, Perrig A, Johnson DB (2005) Ariadne: a secure on-demand routing protocol for ad hoc networks. Wirel Netw 11:21–38
13. Yang H, Meng X, Lu S (2002) Scane: Selforganized network-layer security in mobile ad hoc networks. In Proceedings of the 1st ACM workshop on Wireless security, WiSE ’02, pp 11–20, New York, NY, USA. ACM
14. Saxena N, Tsudik G, Yi JH (2009) Efficient node admission and certificateless secure communication in short-lived manets. Parallel and Distributed Systems, IEEE Transactions 20(2):158–170

15. Frankel Y, Yung M, Desmedt Y (1994) How to share a function securely (extended summary (1994)). In Symposium on the Theory of Computation (STOC)
16. Zhang Y, Lou W, Liu W, Fang Y (2007) A secure incentive protocol for mobile ad hoc networks. Wirel Netw 13:569–582
17. Saxena N, Tsudik G, Yi JH (2007) Threshold cryptography in p2p and manets: the case of access control. Comput Netw 51:3632–3649
18. Thakur V, Marshall J, Yasinsac A (2003) Identifying flaws in the secure routing protocol. In Proc. 2003 IEEE Intl. Performance, Computing, and Commun. Conf, p 167174
19. Papadimitratos P, Haas ZJ (2002) Secure routing for mobile ad hoc networks. In SCS Communication Networks And Distributed Systems Modeling And Simulation Conference (CNDS 2002), pp 193–204
20. Burrows M, Abadi M, Needham R (1990) A logic of authentication. ACM Trans Comput Syst 8:18–36
21. Buttyn L, Vajda I (2004) Towards provable security for ad hoc routing protocols. In Proceedings of the ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN), pp 94–105. ACM Press
22. Yi S, Naldurg P, Kravets R (2001) Security-aware ad hoc routing for wireless networks
23. Carter S, Yasinsac A (2002) Secure position aided ad hoc routing. In Proc. IASTED Intl. Conf. Commun. And Computer Networks (CCN02), pp 329–334
24. Papadimitratos P, Haas ZJ (2003) Secure link state routing for mobile ad hoc networks
25. Andel TR, Yasinsac A (2007) Surveying security analysis techniques in manet routing protocols. Communications Surveys Tutorials, IEEE 9(4):70–84
26. Weimerskirch A, Thonet G (2002) A distributed light-weight authentication model for ad-hoc networks. In Proceedings of the 4th International Conference Seoul on Information Security and Cryptology, ICISC ’01. Springer-Verlag, London, UK, pp 341–354
27. Wang G, Wang Q, Cao J, Guo M (2007) An effective trust establishment scheme for authentication in mobile ad hoc networks, pp 749–754, Oct
28. Eschenauer L, Gligor VD, Baras J (2002) On trust establishment in mobile ad-hoc networks. In Proceedings of the Security Protocols Workshop, pp 47–66. Springer-Verlag
29. Zhu S, Zhu S, Xu S, Setia S, Jajodia S (2003) Lhap: A lightweight hop-by-hop authentication protocol for ad-hoc. In Proc. of the 23rd International Conference on Distributed Computing Systems Workshops, p 749755
30. Ren K, Li T, Wan Z, Bao F, Deng RH, Kim K (2004) Highly reliable trust establishment scheme in ad hoc networks. Comput Netw 45:687–699
31. Samian N, Maarof MA, Razak SA (2008) Towards identifying features of trust in mobile ad hoc network. In Proceedings of the 2008 Second Asia International Conference on Modelling & Simulation (AMS), pages 271–276, Washington, DC, USA, 2008. IEEE Comput Soc
32. Abusalah L, Khokhar A, BenBrahim G, ElHajj W (2006) Tarp: trust-aware routing protocol. In Proceedings of the 2006 international conference on Wireless communications and mobile computing, IWCMC ’06, pp 135–140, New York, NY, USA, ACM
33. Li H, Singhal M (2006) A secure routing protocol for wireless ad hoc networks. In Proceedings of the 39th Annual Hawaii International Conference on System Sciences - Volume 09, pages 225.1–, Washington, DC, USA. IEEE Comput Soc
34. Nekkanti RK, Lee C (2004) Trust based adaptive on demand ad hoc routing protocol. In Proceedings of the 42nd annual Southeast regional conference, ACM-SE 42, pp 88–93, New York, NY, USA, ACM
35. Pirzada AA, McDonald C (2004) Establishing trust in pure ad-hoc networks. 27th Conference on Australasian Computer Science (CRPIT 04), January 2004
36. Zhang P, Yan Z, Virtanen T (2003) Trust evaluation based security solution in ad hoc networks. In Proceedings of the 7th Nordic Workshop on Secure IT Systems, pp 1–14
37. Pandey AK (2005) Study of manet routing protocols by glomosim simulator. In International Journal Of Network Management, volume 15, pp 393–410. John Wiley and Sons, Ltd
38. Rani A, Dave M (2007) Performance evaluation of modified aodv for load balancing 1. J Comput Sci
