Skip to main content

SPAWN: a secure privacy-preserving architecture in wireless mobile ad hoc networks


Fourth-generation wireless networks may require an integration of mobile ad hoc networks (MANET) into external network to enhance the flexibility of the communication and roaming. This phenomenon is well-suited for commercial and military applications which yield additional benefit of roaming. However, integration of MANET with external network poses a serious security challenge for communication because of open and distributed nature of the ad hoc network. In this paper, a secure privacy preserving architecture has been proposed to provide privacy and security for data communication in wireless mobile ad hoc networks. This architecture includes the concept of observer obscurity to provide privacy and security for the genuine nodes and to exclude misbehaving nodes in the network. The proposed architecture is designed based on the k-times anonymous authentication and onion routing - a cryptography concept which supports for anonymous communication. The simulation results prove the necessity and effectiveness of the proposed architecture in achieving such privacy and security in the integrated environment.

1. Introduction

The evolution of fourth-generation (4G) wireless networks integrates mobile ad hoc networks (MANET) with other networks such as cellular networks, wireless local area networks (LANs) and third-generation (3G) systems to enhance the flexibility in communication. The major goal of 4G network is to allow mobile nodes to roam globally without any limit to underlying technologies [13]. One of the emerging categories of wireless network called MANET is included in the 4G systems.

MANET is a collection of mobile hosts which utilize multi-hop radio relaying and are capable of operating without any fixed infrastructure. The lack of fixed infrastructure in ad hoc networks causes nodes to rely more heavily on peer nodes for communication [4]. The nodes have the ability to configure themselves and form a temporary ad hoc topology. MANETs were initially used to operate as stand-alone networks for ad hoc communications, such as conferences, emergency rescue or military missions, restricting its traffic within its [5] limitation. Unlike traditional fixed Internet Protocol (IP) networks, all users in a MANET communicate over multi-hop relays by equally distributing and maintaining the routing information by running the same ad hoc routing protocols [6]. This behavior differentiates the MANET nodes with the nodes in other networks.

So far, most of the research work is done on protocols for autonomous mobile ad hoc networks. During the last few years, some work has been done concerning with the integration of mobile ad hoc networks with other networks for the purpose of internet access [7, 8]. The purpose of this integration with other networks, like the internet, is to allow the ad hoc nodes to communicate with any part of the world. The 4G networks provide such an opportunity for mobile ad hoc networks [9] to maintain global connectivity without any interruption for ongoing connection paths and also the MANET may help to extend the coverage of existing infrastructure networks, like wireless LANs and 3G networks.

4G networks are envisioned as hybrid broadband networks that integrate different network topologies and standards. In Figure 1, the overlapping of different network boundaries represents the integration of different types of networks in 4G. There are two levels of integration. First is the integration of heterogeneous wireless networks with varying transmission characteristics such as cellular networks, wireless LAN as well as mobile ad hoc networks. At the second level, wireless networks are integrated with the fixed network backbone infrastructure, the internet, and PSTN. Much work remains to enable a seamless integration, for example extending IP or IP extension to support mobile network devices.

Figure 1

4G networks.

However, connecting MANETs to the external network for internet access pose serious threats and challenges [10, 11]. Normally, the interoperability is different for ad hoc routing protocols than the regular routing protocols used in the internet. The ad hoc routing protocols participate on the route learning and maintenance in ad hoc networks whereas in the internet, these tasks are left to specialized routers running routing protocols. Communication between nodes on the internet and mobile ad hoc nodes is done throughout specialized mobile gateways (MG) that are located at the edge of a MANET and provide connections to both, the infrastructure network and the MANET. So, the MG must run the routing protocol used in the infrastructure network and the ad hoc routing protocol used in the MANET to provide an interface between both the networks. The MG takes the responsibility in integrating MANET with internet through Mobile IP which enables flexibility in communication across the network. Mobile IP defines the functional entities such as Home Network, Home Agent, Foreign Network, Foreign Agent and Care of Address and the functionalities of these entities are discussed in [12] and the discussion of this part is beyond the scope of this work.

Security plays a major role in integrating MANET and fixed networks for the purpose of accessing the internet in an adverse environment. Integration of Mobile IP and ad hoc networks enables mobile nodes, as well as MG to move between networks while retaining the connectivity to the external network. In these circumstances, consider a battle field environment; the presence of malicious nodes may pose a serious threat to the success of the covert missions because the communication may require two ways: firstly, a node from ad hoc network may want to convey secret information to the other nodes in the same network then the usual ad hoc routing protocols can be used for communication. Secondly, a node may want to surf some important information from the external network; this can be achieved through Mobile IP and MG. This environment creates a provision for misbehaving nodes to induce active or passive attacks in the network in order to exploit the covert missions. There are a number of mechanisms that have been proposed in the past but those protocols are compromised in many ways. So, there is a need of a technique to provide privacy and security for the mobile nodes while communicating between ad hoc networks to fixed network and vice versa.

In this paper, a secure privacy preserving architecture has been proposed to provide privacy and security for data communication in wireless mobile ad hoc networks. This architecture includes the concept of observer obscurity to provide privacy and security for the genuine nodes and to exclude misbehaving nodes in the network. A misbehaving node is categorized as outlier (who drops the data packets instead of forwarding) or malicious (who does not send cooperation message, upon receiving a caution). These nodes are excluded in two ways: firstly, a user is declared as outlier if the overall trust is less than the threshold. Secondly, a user is revealed as malicious if it does not send a cooperation message upon receiving a caution. The proposed architecture is designed based on the k-times anonymous authentication and onion routing - a cryptography concept that supports for anonymous communication. The k-times anonymous authentication scheme [13] supports the distributed and decentralized nature of wireless ad hoc networks. The cryptographic Trapdoor Boomerang Onion [14] is used to create untraceable paths or packet flows in an on-demand environment with route pseudonymity approach. The design of route pseudonymity is based on “broadcast with trapdoor information” - a cryptography concept. Trapdoor information is used in this paper mainly for encryption and authentication.

The rest of the paper is organized as follows: the related works are discussed in section 2; section 3 discusses the threat model and design goals; preliminaries and communication scenarios are discussed in section 4; the propose architecture is discussed in section 5; section 6 provides the security analyses; section 7 describes simulation environments and presents the simulation results; and section 8 discusses the conclusion.

2. Related works

The ad hoc routing protocols and techniques have been studied extensively for the integration of MANET with fixed network for internet access.

2.1 MANET with fixed network

Daemon is one of the earliest techniques proposed by Sun et al. [12] to integrate the ad hoc routing protocol and Mobile IP routing. But this technique does not discuss about the privacy and security features. Wakikawa et al. [15] investigated the use of ad hoc routing protocols for route-optimized communication between mobile networks. The route has been provided by the ad-hoc routing protocol or by the basic NEMO routing approach itself whenever it is desirable. Jonsson et al. [16] designed a Mobile IP for MANET (MIPMANET) scheme that provides Ad Hoc On-Demand Distance Vector (AODV)-based MANET with access to the internet using Mobile IP. A MIPMANET interworking unit is inserted between a gateway and the MANET.

Broch et al. [17] propose a principle that allows a DSR-based MANET with single gateway to span across heterogeneous link layers. This architecture supports only a single gateway in a MANET IP subnet. Kock and Schmidt [18] proposed dynamic mobile IP routers in ad hoc networks to act as gateways to the rest of the network. Tseng et al. [19] proposed an idea for extending traditional IEEE 802.11-based access points to incorporate the flexibility of mobile ad hoc networks which would help to make the dream of ubiquitous broadband wireless access a reality. Perkins et al. [20] used Mobile IP as the basis for providing mobility for nomadic users, and extend it to facilitate additional services for nomadic users both at the network layer and above.

2.2 Anonymous communication techniques

Anonymous communication protocols are studied extensively in ad hoc networks and most of the works are based on onion routing protocol [21] proposed by Reed et al. in which data is wrapped in a series of encrypted layers to form an onion by a series of proxies communicating over encrypted channels.

There are protocols in MANET which addresses the anonymity-related issues proposed by Kong et al. [14]. An Anonymous On-Demand Routing Protocol (ANODR) is the first one to provide anonymity during route discovery and data forwarding in ad hoc networks. Following the work of ANODR, Seys and Preneel [22] proposed Anonymous Routing Protocol (ARM) which uses one-time public/private key pairs and discusses about only anonymity in route discovery and data forwarding. Sy et al. [23] proposed the On-Demand Anonymous Routing (ODAR) using public key cryptosystems for secure anonymous routing, but they assume that long-term public/private key pairs have been set up on each node for anonymous communication. Zhang et al. [24] proposed the Anonymous On-Demand Routing (MASK) which enables an AODV-like anonymous on-demand routing protocol with high routing efficiency by comparing with ANODR (which is very sensitive to node mobility) and which may lower routing efficiency.

Choi et al. [25] proposed an Anonymous and Secure Random Reporting Protocol for a civilian ad hoc network, in which the source and destination collect reports from intermediate nodes on the routing path. Zhu et al. [26] proposed an Anonymous Malicious Detection Mechanism which provides anonymity for the witness who reports observed malicious to the network anonymously and ignores malicious and selfish users from the group. Pan and Li [27] proposed an Efficient Strong Anonymous Routing Protocol (MASR) which overcomes the problems of ANODR and MASK and provides efficiency, security, strong anonymity, and adaptability for route discovery and data forwarding.

3. Threat model and design goals

This section describes the threat model and the design goals in order to manage the threat posed by misbehaving nodes.

3.1 Threat model

The integration of MANET with fixed network pose a terrible challenge because the functionality of ad hoc routing protocols are quite different from the routing protocols of fixed network. In the fixed network, the nodes do not participate on the route learning and maintenance whereas in mobile ad hoc network, every node must exchange routing information with other nodes within its proximity which makes every node act as an end node or as a router. Communication between nodes in MANET and nodes in the fixed network is achieved through the routers located at the edge of a MANET called gateways.

This environment poses a serious security threat on MANET than the fixed network.

Being an active part of the network, it is easy for the attackers to exploit any individual or the entire network itself. Passive eavesdroppers do not disrupt the normal operation of the network; instead, they listen to the network in order to extract the cryptographic information. In addition, an attacker may want to gain access to the network or impersonate as a valid entity which gives more challenge for secure communication in the integrated environment.

3.2 Design goals

The design goal of the proposed architecture is to provide the following requirements to identify misbehaving nodes using the trust and reputation metrics and to exclude them from the network:

  •  Obscurity: It should not be possible for misbehaving users to identify the identity of the observer (who identifies and discloses the outliers/malicious users in the network anonymously).

  •  Accountability: An observer is liable to identify and reveal the identity of misbehaving users in the network anonymously.

4. Network architecture

4.1 Preliminaries

Since MANETs were envisioned as distributed networks, their nodes are not usually set with addresses. So, the nodes in ad hoc networks should use IP addresses for communication with the nodes in the fixed network for internet access. One convenient way for assigning structured IP addresses to mobile nodes is to use the same network prefix that is used by the closest gateway. When a mobile node moves and selects a different gateway, it configures a new address with the new prefix. With the globally routable address, packets can be received from and sent to the internet. In this way, mobile nodes will be organized as sub-network surrounding these gateways that share the same network prefix. This organization facilitates the routing tasks done by routers on the internet, by mobile nodes in the MANET, and by gateway, which have interfaces facing both types of networks [28]. In summary, a mobile node obtains its globally routable address [29] by following the steps given below:

  1. (a)

    Has an initial IP address (home address) which is routable in the ad hoc network;

  2. (b)

    Discovers reachable gateways in its surrounding;

  3. (c)

    Selects one gateway out of the set of reachable gateways; and

  4. (d)

    Forms a globally routable IP address with the prefix of the selected gateway.

The gateway discovery is a key component for the MANET nodes in order to communicate with internet hosts. The gateway discovery can be made either by proactive or reactive approach. In proactive approach, periodical gateway advertisements are sent to all nodes in the ad hoc network from the gateways. In the reactive approach, solicitation and advertisement messaging takes place between a mobile node and the gateway. Once a mobile node discovers a gateway, it can connect to the internet through the gateway.

Figure 2 shows the proposed network architecture. Mobile gateways MG-1 and MG-2 connects MANET to the internet, supports Mobile IP and also serves as the local foreign agent. Hereafter, any mobile host that joins the MANET will be served by the gateway.

Figure 2

Proposed network architecture.

4.2 Communication scenarios

The proposed network architecture can accommodate two different communication scenarios such as Intra-MANET communication and Inter-MANET communication. This model implements the base specification of the AODV [30] protocol for all corresponding MANET routings.

4.2.1 Intra-MANET communication

AODV supports intra-MANET communications. It implements all functionality of service and discovers routes on demand. The transmission from host S to host D shown in Figure 3 falls into this category. Host S sends packets to host D through AODV.

Figure 3

Intra-MANET communication.

4.2.2 Inter-MANET Communication

A host in a MANET will forward any packet whose destination is not listed in the routing table to the local MANET's gateway. The gateway will then forward the packet to the internet. The transmission from host S to host D in Figure 4 is an example of this kind of packet transfer. Packets travel on MANET-1 based on AODV, then on the internet to MG-2 based on IP routing, and then again by AODV to host D on MANET-2. When a mobile node roams away from its home network, Mobile IP will forward packets between MANETs. For example, in Figure 4, during packet transmission from the corresponding host to host M, packets arrive at MG-1 via IP routing which then uses AODV to forward them to mobile host M.

Figure 4

Inter-MANET communication.

5. The SPAWN

The secure privacy-preserving architecture in wireless mobile ad hoc networks (SPAWN) is designed to provide security and privacy for the nodes either in ad hoc networks or in the internet during data communication. There are three entities, i.e. the mobile nodes in ad hoc network, mobile gateway and regular nodes in the fixed network. The system model for the proposed architecture is depicted in Figure 5.

Figure 5

System model of SPAWN.

The components and the functionalities of the SPAWN are described in the following subsections:

5.1 Configuration module

The configuration module has two faces such as the initial setup and the user registration (discussed in [31]).

During the initial setup phase, the MG generates a group key (public/secret key pair) and sends announcement with group public key during gateway advertisement. In addition, MG also publishes the method of generating the tag bases that will be used to send caution, cooperation and event reporting.

5.1.1 Warning

If any user notices malicious activity in the network can act as an observer and send a caution. The format of caution message is as follows:

W k , W k ' = H G T x G T W msg , I D malicious , MA X caution , k ....... 1 for k = 1 , .... MA X caution

where Wmsg denotes the caution message that has been sent to the malicious user, IDmalicious denotes the identity of a malicious user and MAXcaution denotes the maximum number of caution that can be sent malicious user. In this paper, MAXcaution = 1.

5.1.2 Cooperation

If any user receives a warning, it has to send a cooperation message at once. The format of cooperation message is follows:

E l , E l ' = H G T x G T C msg , I D source , MA X cooperation , l ....... 2 for k = 1 , .... MA X cooperation

where Cmsg denotes the cooperation message that the user has to send to the initiator of the cooperation message, IDsource denotes the identity of the user who sends the caution message and MAXcooperation denotes the maximum number of cooperation message that the user can send. In this paper, MAXcooperation = 1.

5.1.3 Report

Any user identifies an outlier or malicious user in the network which can act as an Observer and report it to the other users. However, an Observer can send report at once. The format is as follows:

T j , T j ' = H G T × G T Typ e event , I D malicious , MA X report , j ....... 3 for j = 1 , .... MA X report

where Typeevent denotes the type of event that the claim is against, e.g. packet drop or tampering, IDmalicious denotes the identity of the malicious user. MAXreport denotes the maximum number of report an Observer can send. In this paper, MAXreport = 1.

The user who wants to join in the network chooses an identity and sends user registration request to MG. After this step, the user obtains a member public/secret key pair, and then the MG adds the user's identity and public key to the identification LIST. A user who has completed the registration procedure is called a member of the network.

5.2 Watchdog module

The main function of the watchdog module is to overhear the packet transmission and collect useful information about network behaviors, such as packet forwarding, dropping and tampering. Initially, the user monitors the one-hop neighbor in a short-term monitoring basis. However, if a user finds any malicious activity, it monitors the particular user in a long-term monitoring basis.

5.3 Decision making module

This section describes the process of estimating the trust, judging the reputation and how the mobile nodes are categorized as trusted/outlier and genuine/malicious.

5.3.1 Trust estimation module

This module compares the collected data with the predefined threshold value and finds the deviation. Based on the information collected and compared by the user, it calculates the direct trust value and stores it into the local database DBLOC. The direct trust value is calculated mainly based on the behavior of packet forwarding, dropping and tampering. The indirect trust value is determined based on the information collected from other users in the network and maintained by the common database DBCOM.

5.3.2 Reputation module

Any user suspects the malicious activity such as holding the packets for a long time or giving false report in the network is performed by any user, it can send a caution at once to that user. Upon receiving a caution, the genuine user has to send a maximum of one cooperation message using the tag base published in the setup procedure. If the user does not send cooperation (one time) or sends multiple cautions is marked as a malicious user.

5.3.3 Identification module

In this module, the trust value obtained from the trust estimation module is compared with the threshold. If the trust value is less than the threshold, then the user can be marked as outlier otherwise trusted. In the same way, based on the reputation obtained from the reputation module, the user can be marked as malicious or genuine.

5.4 Report module

Any user who identifies an outlier or malicious user in the network can act as an Observer and categorize him/her as a misbehaving user. Then the Observer can report to the other users in the network a maximum of one time per reason per misbehavior type. The claim will be accepted by other users if and only if the Observer is a group member.

6. Security analysis

This section presents an informal analysis on the security- and privacy-related goals. The SPAWN is designed based on the k-times anonymous authentication scheme and onion routing. The k-times anonymous authentication scheme is modified according to ad hoc networks in such a way that it supports privacy and accountability at the same time. The proposed architecture focuses on network layer and the routing process that is route discovery, data forwarding and reporting is based on [4, 31]. In addition, Elliptic Curve Digital Signature Algorithm (ECDSA) [32] is used for authentication with the key size of 256 bit. The computational cost signature generation and verification is shown in Table 1.

Table 1 Computational cost

6.1 Privacy

In SPAWN, to prevent traffic analysis, an observer sends the caution and report through an anonymous communication system so that misbehaving user could not discover the identity of the sender. There is no public key or identity-related information in a report, and the verification process is based on the zero knowledge proof as discussed in [33].

6.2 Accountability

If a user does not send a cooperation message upon receiving a caution, then he/she is marked as malicious. To ensure a malicious user misusing an obscurity feature, genuine users need to find a valid record of the distinguished user, i.e. in each item in i LIST has copies distributed in all the nodes in the network. If a user does not send a cooperation message after receiving caution, then the identity of the user will be revealed to the other users in the networks.

This section also discusses the considerable attacks and present possible countermeasures.

6.2.1 Impersonation attacks

Impersonation attacks are only possible for inside attackers. Even if malicious users compromise multiple users in the network and collect additional report, they cannot differentiate the reports sent by a user from those sent by others. Thus, compromising more users does not increase the probability of deducing the identity of the sender, i.e. the observer obscurity.

6.2.2 DoS attacks

DoS attacks aim to deplete resources, including computation capability, bandwidth, memory, energy, etc. DoS attacks can be initiated from outside attackers as eavesdroppers or inside attackers. In the proposed architecture, DoS attacks can be launched against the event reporting procedure and is restrained by the accountability property.

7. Performance analysis

This section evaluates the performance and effectiveness of the proposed architecture.

7.1 Simulation setup

The proposed technique for MANET is implemented on ns2 simulator version 2.32 and evaluates its performance by comparing with the basic AODV routing protocol and MIPMANET as discussed in the “Related works” section. The network scenario parameters used for simulation are listed in Table 2. In the simulation scenario, an ad hoc network of size 700m × 700m consists of 100 mobile nodes and the node in blue color is OCM and the nod red color is an adversary. Simulation is done with the benchmarks on a 2-GHz Pentium Dual Core platform. The mobile nodes are moving in the field according to the random waypoint model, and their average speeds range from 0 to 10 m/s. The bidirectional constant bit rate (CBR) traffic is generated and the radio range of mobile node is 250 m.

Table 2 Scenario parameters

7.2 Simulation results

This section demonstrates the results and observations of the proposed SPAWN. The proposed SPAWN is compared with MIPMANET and AODV under the same network settings with respect to the metrics of packet delivery ratio, end-to-end delay, routing packet overhead and throughput.

Figure 6a shows the performance of SPAWN under node mobility such as 0, 2, 4 m/s, etc. The packet delivery ratio of SPAWN is better than MIPMANET and far better than AODV with varying mobile speed. The packet delivery ratio is 98% for SPAWN and MIPMANET when there is no mobility whereas it is 89% for AODV. Under the mobility of 10 m/s the SPAWN provides 92% of packet delivery ratio which is better than MIPMANET and AODV. Figure 6b shows the end-to-end delay of all the three protocols. The proposed SPAWN shows the minimal delay than the rest of the protocols. Figure 6c demonstrates the routing packet overhead of SPAWN and MIPMANET that is almost similar under the mobility of up to 6 m/s but there is a significant difference for both the protocols under the mobility of 10 m/s. The AODV has got the high overhead than SPAWN and MIPMANET. Figure 6d shows that when there is no mobility, the throughput of SPAWN and MIPMANET is equal but for AODV, it is less. But under varying speed of mobile nodes, the SPAWN performs better than rest of the two protocols.

Figure 6

Performance comparison of SPAWN, MIPMANET and AODV under mobility. (a) Mobility vs. packet delivery ratio. (b) Mobility vs. end-to-end delay. (c) Mobility routing packet overhead. (d) Mobility vs. throughput.

Obviously, as the number of misbehaving nodes increases in the network, the number of genuine/trusted nodes decreases. Thus, decreases the routing performance. The proposed SPAWN is compared with MIPMANET and AODV with varying number of misbehaving nodes. Figure 7a shows that the packet delivery ratio is almost similar for all the three protocols but the performance going down when the misbehaving nodes increases gradually. When 50% of the mobile nodes are misbehaving in the network, the packet delivery ratio of SPAWN is 82% whereas it is 80% and 50% for MIPMANET and AODV, respectively. Figure 7b shows that the end-to-end delay of the proposed SPAWN performs significantly better than MIPMANET and AODV when the misbehaving nodes increase from 0% to 50%. In Figure 7c, the routing packet overhead of SPAWN is very close to MIPMANET but far better than AODV. Figure 7d shows that comparatively, SPAWN has got better throughput than both the MIPMANET and AODV with varying number of misbehaving nodes.

Figure 7

Performance comparison of SPAWN, MIPMANET and AODV with varying number of misbehaving nodes. (a) Misbehaving nodes vs. packet delivery ratio. (b) Misbehaving nodes vs. end-to-end delay. (c) Misbehaving nodes vs. routing packet overhead. (d) Misbehaving nodes vs. throughput.

8. Conclusions

The SPAWN addresses the privacy and security issues in mobile ad hoc networks when it is integrated with the fixed network to access the internet. The architecture adapts the modules such as watchdog, trust estimation and reputation in order to monitor and determine the mobile nodes trust and reputation. Based on these factors, an observer decides the node state and reports to the other users in the network if it is a misbehaving node (outlier or malicious). The SPAWN adapts the k-times anonymous authentication scheme and onion routing to achieve privacy- and security-related goals. So, the proposed architecture has its own importance in mobile ad hoc networks in the integrated environment. The simulation results prove the performance of SPAWN.

The proposed architecture is suitable for a constrained number of mobile nodes. If the number of mobile nodes exceeds the threshold in a network, then the mobile node energy consumption is comparatively high. So, the scalability factor needs to be considered in addition with existing concepts in the future.


  1. 1.

    Qaddour J, Barbour R: Evolution to 4G wireless: problems, solutions, and challenges. Cairo, Egypt: Paper presented in the 3rd ACS/IEEE international conference on computer systems and applications; 2005:78-I.

    Google Scholar 

  2. 2.

    Axiotis D, Al-Gizawi T, Peppas K, Protonotarios E, Lazarakis F, Papadias C, Philippopoulos P: Services in interworking 3G and WLAN environments. IEEE Wirel Commun 2004, 11(5):14-20. 10.1109/MWC.2004.1351677

    Article  Google Scholar 

  3. 3.

    Lott M, Siebert M, Bonjour S, von Hugo D, Weckerle M: Interworking of WLAN and 3G systems. IEE Proc Comm 2004, 151(5):507-513. 10.1049/ip-com:20040600

    Article  Google Scholar 

  4. 4.

    Komninos N, Vergados DD, Douligeris C: A two‒step authentication framework for mobile ad hoc networks. China Commun J 2007, 4(1):28-39.

    Google Scholar 

  5. 5.

    El Defrawy K, Tsudik G: Privacy-preserving location-based on-demand routing in MANETs. IEEE J Sel Area Comm 2011, 29(10):1926-1934.

    Article  Google Scholar 

  6. 6.

    Loay A, Ashfaq K, Mohsen G: A survey of secure mobile ad hoc routing protocols. IEEE Commun Surv Tutorials 2008, 10(4):78-93.

    Article  Google Scholar 

  7. 7.

    Jianli P, Subharthi P, Raj J: A survey of the research on future internet architectures. IEEE Commun Mag 2011, 49(7):26-36.

    Article  Google Scholar 

  8. 8.

    Abduljalil FM, Bodhe SK: A survey of integrating IP mobility protocols and mobile ad hoc networks. IEEE Commun Surv Tutorials 2007, 9(1):14-30.

    Article  Google Scholar 

  9. 9.

    Irshad A, Shafiq M, Rahman A, Khurram S, Usman M, Irshad E: A secure interaction among nodes from different MANET groups using 4G technologies. In International Conference on Emerging Technologies. Islamabad; 2009:476-481.

    Google Scholar 

  10. 10.

    Shuo D: A Survey on Integrating MANETs with the Internet: Challenges and Designs. Comput Comm 2008, 31(14):3537-3551. 10.1016/j.comcom.2008.04.014

    Article  Google Scholar 

  11. 11.

    Imrich C, Marco C, Jennifer L: Mobile ad hoc networking: imperatives and challenges. Ad Hoc Netw 2003, 1(1):13-64. 10.1016/S1570-8705(03)00013-1

    Article  Google Scholar 

  12. 12.

    Sun Y, Royer E, Perkins CE: Internet connectivity for ad hoc mobile networks. Int J Wireless Inform Network 2002, 9(2):75-78. 10.1023/A:1015399632291

    Article  Google Scholar 

  13. 13.

    Teranishi I, Furukawa J, Sako K: K-times anonymous authentication. In Proceedings of ASIACRYPT. Jeju Island; 2004:308-322.

    Google Scholar 

  14. 14.

    Kong J, Hong X: ANODR: Anonymous On-Demand Routing with Untraceable Routes for Mobile Ad-hoc Networks. In Proceedings of 4th ACM International Symposium on Mobile Ad Hoc Networking and Computing. Annapolis; 2003:291-302.

    Google Scholar 

  15. 15.

    Wakikawa R, Matsutani H, Koodli R, Nilsson A, Murai J: Mobile Gateways for Mobile Ad-Hoc Networks with Network Mobility Support. In Proceedings of 4th International Conference on Networking. Reunion Island, France; 2005:17-21.

    Google Scholar 

  16. 16.

    Jonsson U, Alriksson F, Larsson T, Johansson P, Maguire J: MIPMANET Mobile IP for Mobile Ad Hoc Networks. Boston, MA: Paper presented in the 1st annual workshop on mobile and ad hoc networking and computing; 2000:75-85.

    Google Scholar 

  17. 17.

    Broch J, Maltz DA, Johnson DB: Supporting Hierarchy and Heterogeneous Interfaces in Multi-hop Wireless Ad Hoc Networks. In Proceedings of the International Symposium on Parallel Architectures, Algorithms and Networks. Perth; 1999:370-375.

    Chapter  Google Scholar 

  18. 18.

    Kock BA, Schmidt JR: Dynamic Mobile IP Routers in Ad Hoc Networks. Netherlands: Paper presented in the international workshop on wireless ad-hoc networks; 2004:130-134.

    Google Scholar 

  19. 19.

    Tseng Y, Shen C, Chen W: Integrating mobile IP with ad hoc networks. IEEE Comput Soc 2003, 36(5):48-55.

    Article  Google Scholar 

  20. 20.

    CE Perkins J, Thomas NY: Yorktown Heights, Mobile-IP, Ad-hoc Networking, and Nomadicity. In Proceedings of 20th International Conference on Computer Software and Applications Conference. Seoul; 1996:472-476.

    Chapter  Google Scholar 

  21. 21.

    Reed MG, Syverson PF, Goldschlag DM: Anonymous connections and onion routing. IEEE J Sel Area Comm 1998, 16(4):482-494. 10.1109/49.668972

    Article  Google Scholar 

  22. 22.

    Seys S, Preneel B: ARM: Anonymous Routing Protocol for Mobile Ad hoc Networks. In Proceedings of the International Conference on Advanced Information Networking and Applications. Switzerland: IEEE Computer Society, Washington, DC; 2009:145-155.

    Google Scholar 

  23. 23.

    Sy D, Chen R, Bao L: ODAR: On-Demand Anonymous Routing in Ad Hoc Networks. In Proceedings of the 3rd IEEE International Conference on Mobile Ad-hoc and Sensor Systems. Vancouver, BC; 2006:267-275.

    Google Scholar 

  24. 24.

    Zhang Y, Liu W, Lou W, Fang Y: MASK: anonymous on-demand routing in mobile ad hoc networks. IEEE Trans Wireless Comm 2006, 5(9):2376-2385.

    Article  Google Scholar 

  25. 25.

    Choi H, Enck W, Shin J, McDaniel P, La Porta T: ASR: anonymous and secure reporting of traffic forwarding activity in mobile ad hoc networks, Springer Link. Wireless Netw 2009, 15(4):525-539. 10.1007/s11276-007-0067-0

    Article  Google Scholar 

  26. 26.

    Zhu B, Ren K, Wang L: Anonymous Misbehavior Detection in Mobile Ad Hoc Networks. In Proceedings of 28th International Conference on Distributed Computing Systems Workshops. Beijing: IEEE Computer Society; 2008:358-363.

    Google Scholar 

  27. 27.

    Pan J, Li J: MASR: An Efficient Strong Anonymous Routing Protocol for Mobile Ad Hoc Networks. In Proceedings of the International Conference on Management and Service Science. Wuhan; 2009:1-6.

    Google Scholar 

  28. 28.

    Cha H, Park J, Kim H: Extended Support for Global Connectivity for IPv6 Mobile Ad Hoc Networks, Internet-Draft draft-cha-manet-extended-support-globalv6-00.txt. South Korea: Mobile Ad Hoc Networking Group; 2003.

    Google Scholar 

  29. 29.

    Xi J, Bettstetter C: Wireless Multi-Hop Internet Access: Gateway Discovery, Routing, and Addressing. In Proceedings of International Conference on Third Generation Wireless and Beyond (3Gwireless). San Francisco; 2002.

    Google Scholar 

  30. 30.

    Perkins C, Belding-Royer E, Das S: Ad Hoc On-Demand Distance Vector (AODV) routing, RFC 3561. 2003.

    Google Scholar 

  31. 31.

    Gunasekaran M, Premalatha K: TEAP: trusted-enhanced anonymous on demand routing protocol for mobile ad hoc networks. IET Inf Secur 2012, 7(3):203-211.

    Article  Google Scholar 

  32. 32.

    Johnson D, Menezes A, Vanstone S: The elliptic curve digital signature algorithm (ECDSA). Int J Inform Secur 2001, 1(1):36-63.

    Article  Google Scholar 

  33. 33.

    Huang Q, Jao D, Wang HJ: Applications of Secure Electronic Voting to Automated privacy Preserving Troubleshooting. New York: ACM; 2005:68-80.

    Google Scholar 

Download references

Author information



Corresponding author

Correspondence to Muthumanickam Gunasekaran.

Additional information

Competing interests

The authors declare that they have no competing interests.

Authors’ original submitted files for images

Rights and permissions

Open Access This article is distributed under the terms of the Creative Commons Attribution 2.0 International License (, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Reprints and Permissions

About this article

Cite this article

Gunasekaran, M., Premalatha, K. SPAWN: a secure privacy-preserving architecture in wireless mobile ad hoc networks. J Wireless Com Network 2013, 220 (2013).

Download citation


  • Trust
  • Security
  • Privacy
  • Obscurity and routing