The MANET is a decentralized kind of network, where nodes of the network relay packet to each other on the concept of the store and forward, i.e. nodes may also act as routers finding and maintaining routes to one another. Here, nodes can participate freely and leave without centralized control. Generally, due to the varying velocity of mobile nodes, the network topology may variate arbitrarily and rapidly in an irregular way. Therefore, the phenomenon of frequent link breakage is quite common. The moments of nodes are independent of one another, unlike others which use committed nodes to endorse functions such as network management, packet forwarding, and routing [1]. These functions are distributed to all available nodes by the ad hoc networks since the ambiance causes the nodes to be easily captured and compromised. Hence, it is essential to provide security measures [2, 3]. Therefore, security in MANET is a crucial consideration. In addition, the routing of operations could also be easily compromised if safety measures are not integrated into the network functions.
In general, in MANETs, routing protocols are designed with assumptions that every participating node will fully cooperate with each other. This network does not have any type of centrally administrative services. All networks that function such as network control, routing, forwarding packets, including switching, etc., are communicated between terminals (nodes) either in cooperation or independently. Therefore, coordination between nodes is rather solicited. However, due to its transparent characteristics and restricted on-hand battery power of nodes, malicious activities can also be done in this network. Moreover, the MANETs structure may differ based on their various applications from static, small to dynamic, highly mobile in nature (vehicular, FANET, etc.), and large-scale network which is highly energy constrained [4, 5].
In the MANET environment, the array of mobile wireless nodes is interconnected either for generic aims such as time-critical applications like tactical, law enforcement, and emergency operations or for distinct goals like only shares their resources for ensuring global connectivity [6]. However, few resources, for example, battery power, are consumed rapidly as participating nodes have to perform network functioning tasks. When node power is prime factor for particular environment, so there may chance that denying of sharing own resources in order to save battery power [8]. These participating nodes are termed as misbehaving or selfish nodes and their activities are called misbehaviour or selfishness [10]. This kind of network is a cooperative network. So, in order to provide good cooperation among participant nodes, an already significant amount of control overheads packets is needed. Therefore, security measures are generally not implemented in the protocols to keep the overhead low, i.e. nodes are not checked for maliciousness. Due to this reason, MANETs are easy targets for attackers. The attackers perform the malicious activity in one and most common way by injecting non-cooperative nodes into the network. Therefore, the development and implementation of the intrusion detection system become one of the prime duties in this network.
Already, various techniques [7, 9, 11,12,13,14,15,16,17,18,19,20] have further presented in the literature study in order to identify and reduce the effect of such misbehaviour or selfish nodes in a MANET, and VANET (vehicular ad hoc network) environment, that is, inspections of past works cover intrusion detection and prevention techniques. Many of these techniques have been evaluated based on performance metrics and routing schemes of MANETs. Among various techniques, Watchdog, Pathrater, and 2-ACK [11, 23] are highlighted one, which can significantly identify and reduce the impact of network maliciousness, respectively. Watchdog provides the mechanism to recognize bad elements in the network by overhearing the wireless transmission media and is the passive type of overhearing method, while the Pathrater technique does not allow malicious nodes to participate in the process of route determination. 2-ACK security scheme reduces the bad effect of such immoral elements. From a previously reported works, one can observe that still various issues like obscure and receiver collision, false behaviour, limited transmission range, etc., still need to be addressed and can be considered as a weakness of most highlighted security techniques.
Our proposed system uses the cryptographic mechanism to make the network secure and try to overcome the above-mentioned weakness. Three important security aspects of MANET have been considered, namely secure acknowledgment, node authentication, and packet authentication. Our presented DSSAM performs better, in the sense of identification of malicious nodes and its activities, but with the cost of the significant amount of overheads.
DSSAM is well suited in high level use of various Internet of things (IoT) application scenarios where the proposal will be applicable as security solution in terminal to terminal communications at hybrid ad hoc network solutions. Actually, IoT is the next eon of communication in which physical objects can be empowered to create, receive, and exchange data in a seamless manner with heterogeneous network environment also. The various IoT applications focus on automating different tasks and are trying to empower the inanimate physical objects to act without any human intervention. The existing and upcoming IoT applications are highly promising to increase the level of comfort, efficiency, and automation for the users and for such environment. To be capable to gizmo such an ecosphere in a constantly emergent approach requires better and high security, authentication, privacy, and recovery from attacks. In this respect, it is imperious to make the required modifications in the design of IoT applications for achieving secure IoT atmospheres. In this paper, a detailed discussion and improvement over watchdog to 2-ACK and then 2-ACK to DSSAM method is explained with considering few performance metrics. The proposed DSSAM approach will help to achieve a high degree of trust and increase the level of security in the potential useful IoT applications with hybrid environment such as:
-
a.
Smart transportation system.
-
b.
Smart agriculture and animal farming.
-
c.
Smart emergencies environment.
-
d.
Smart communication at defence scenario.
-
e.
Smart commercial, residential and Industrial area, and many more.
Motivations and principal contributions
Since the last few decades, the outlook of wireless networking is drastically changing due to fast growth in wireless technologies and requirements of new wireless services and various applications as well. The wireless industries have experienced unexcelled growth, from satellite broadcasts into countless households to Wireless Personal Area Networks (WPAN) [13], VANET [15], WSN [16], etc. Consequently, the cost of wireless access falls; hence, it can replace wired access in many aspects. One of the greatest advantages of wireless is to provide connectivity among users while roaming. However, the distance between users is limited due to the short distance of transmitter or their vicinity to Wireless Access Point (WAP) [13]. Later, in the 70s onward era, the development of MANET has overcome this problem by involving intermediate nodes to forward data packets to the outside range of nodes [1, 2].
One of the most vibrant and rapidly growing fields nowadays is the MANET. It is also called as the wireless mobile multi-hop or mobile packet radio network. In this realm, significant research is going on since last nearly fifty years in order to its betterment. Due to infrastructure-less, self-configuring, and self-motivated properties of MANET, it has got possible future applications in different fields such as tactical environments, emergency operations, home and enterprise, commercial, civilian environments, traffic environment [19], location-aware services, and extension of coverage [8, 14]. This network is vulnerable due to its important features such as distributed service, open medium, autonomous terminal, dynamic topology, lightweight terminals, asymmetrical communication, fluctuating link capacity, and constrained capability [27]. These above fundamental characteristics introduce several challenges for researchers in the MANET environment, where security issue is one of the significant issues. MANET can maximize its Quality of Service (QoS) parameters such as throughput, Packet Delivery Fraction (PDF), etc., by using all the intermediate nodes accessible to route and then forwarding packets. However, the node can consequently behave badly by refusing to supply providers or shedding down the packets in the community due to the fact of its selfishness, malicious exercise, etc. [28, 29]. Identifying and preventing misbehaving nodes from them can be one of the biggest challenges for a network like that. The principal contributions of the current research article are as follows:
-
a.
State-of-the-art of various user authentication schemes and intrusion detection strategies have been analysed for the MANET and WSN environment.
-
b.
The MANET application layer has attracted vast research as well as the scientific community during the last few decades. As a result, many user authentication techniques for MANET and WSN have been proposed and published in the literature. Among them, a few most closely relevant to our proposed method are explored.
-
c.
Article also discusses the possible security attacks on different security goals along with its target and prevention schemes.
-
d.
Due to open and decentralized characteristics of MANET, misbehaving or the suspicious nodes may be involved in the process of route discovery. Further, they may refuse to provide the information/services in the network, i.e. deny forwarding the data packets. Therefore, this article tries to identify the existing intrusion detection systems that can identify and prevent disruptive network operations.
-
e.
Existing intrusion detection techniques such as Watchdog and 2-ACK are explored in terms of their strength and weakness.
-
f.
To provide secure authentication and an acknowledgment mechanism in MANET, we proposed DSSAM that is based on RSA digital signature. This scheme overcomes the weakness of existing intrusion detection techniques such as receiver collision and false identity problem.
-
g.
Finally, the proposed authentication approach has been compared with the current techniques.
This research article is structured as follows: immediate subsequent section presents background with a literature survey on co-related work in this area followed by a discussion of intrusion detection techniques in the next section. Moreover, after that digital signature with its needs, including signature creation and verification steps have been discussed in the next section followed by problem definition and the proposed method. Further, performance evaluations of DSSAM, Watchdog, and 2-ack have been made through a simulation study followed by results and discussion. At last, it comes to its conclusion and possible future scope.
Literature survey
The conveyed work in the state-of-the-art of secure acknowledgment in MANET, WSN, and related domain by several scientists and researchers has been presented in this section.
The work in [23] explained routing misbehaviour in MANETs and suggested a 2-ACK technique for identifying and minimizing the impact of selfish nodes in the routing. 2-ACK is based on a simple 2-hop acknowledgment packet that is returned by the next-hop link recipient. The 2-ACK mechanism operates as an alternative routing scheme strategy for detecting routing misconduct and reducing its adverse effects. The 2-ACK mechanism solves several problems, including limited transmission powers, ambiguous collisions, and receiver collisions. The 2-ACK scheme can be used efficiently in DSR in MANET. Trust Aware Routing Protocol (TARP) as an advanced security routing mechanism based on the level of trust was presented and evaluated [24]. TARP is a technique that allows for the search of safe routes in MANET. The authors measured the trust parameter based on a defined set of parameters and used it in TARP. The study shows that TARP will improve an ad hoc network's defence and rising routing congestion while preserving a reasonable route discovery period and an appropriate pause. The routing traffic relates specifically to the collection of nodes that meet the sender's requirements. Two techniques of Watchdog and Pathrater are explained in [11] that helps to increase ad hoc network throughput. Both methods are extensions of DSR algorithms to reduce the impact of ad hoc network routing misconduct. Watchdog identifies nodes that are misbehaved, and the Pathrater strategy helps to redirect protocols to prevent packet movement of those nodes. The yield of these two strategies improves the efficiency of a relatively mobile network by 17 per cent, thus growing the ratio of overhead transmission to data transmission from 9 to 17 per cent of the regular routing protocol.
The black hole attacks are a serious problem widespread in mobile ad hoc networks [25]. Work focuses on the vulnerabilities of MANET, and it looks at the black hole attacks. They portrayed the creation of an enhanced algorithm called Radical Watchdog and Pathrater for recognizing and removing black hole attacks. In the article [26], the authors introduced a scheme called cluster-based trust to alleviate the internal attacks. In this research, the network is divided into cluster groups. Every cluster is certified as having the cluster head. The node decides the trust value and delivers it to the head of the cluster for their one-hop neighbours. In addition, the cluster head gives its participant nodes the certificate of confidence. This mechanism gives a good fraction of packet delivery and resilience to internal attacks. A novel technique is proposed to secure MANETs by addressing network configuration and security issues during the response and recovery phase [27]. This work analysed the threats to security and presented the security goals to be achieved and set up a stable key management system in an ad hoc communication environment. A MANET-based algorithm for effective security and trust management is provided in [28]. In the sense that the produced nonce is not easily detectable, the time-based nonce is produced at specific time intervals that give the suggested approach reliability. It has been compared with the already existing trust-based approach and finds better detection performance of the security threat in MANET. Several techniques are discussed in [29], for example, reverse engineering, repacking, and hex editing to circumvent the host anti-virus signatures. Comprehensive comparison studies were conducted of various methods where malware could get the hosts from outside of the networks. A new honey-net-based intrusion detection technique is also discussed. In MANETs, a complete survey of intrusion detection systems (IDSs) is well presented in [30, 31]. They categorize the architectures for intrusion detection framework in the MANET, and each one is ideal for evaluating and comparing various network infrastructures on node cooperation. Similarly in another research [21], authors proposed pseudonym generation-based genetic algorithm to solve the location privacy problem in vehicular ad hoc network, and thus guaranteed un-traceability by an adversary. Further, authors of [22] study the physical layer security issues in vehicular environment. They show that how the secrecy capacity and secrecy outage probability of a vehicular network can improved with respect to the source power and eavesdropper distance.
Due to vast applications of WSNs, it is ensuring that the only permitted availability of information is accessible via sensor nodes is often an open challenge. In this review work [32, 33], twenty-two features have been presented in which a secure user authentication mechanism should be in place, and then, seven possible schemes were tested against the features specified. The analysis has been started from Wong's work [34] in 2006 and has been concluded at Vaidya et al.’s technique implemented in 2012 [35]. In each scheme, the user impersonation and gateway nodes (GWN) bypass attacks and are likely. There is almost no scheme like that provides consumer confidentiality and repairability in case of failure or theft of smart cards. A scheme that only withstands an impersonation attack by a sensor node and a parallel session attack [36]. The replication attack and the fake verifier attack can only be taken on scheme suggested by Wong et al.’s and Tseng et al.’s in [34, 37]. Yoo et al.'s scheme offer mutual authentication between SN and GWN, and Khan-Alghatbar's scheme achieves success in mutual authentication between users and GWN and even SN and GWN [36, 38]. Just one scheme avoids DoS attack and offers hidden parameter protection to the gateway node. In short, no scheme is completely protected to all available features and all the strategies meet no authentication feature. The network communication security is one of the most important challenges in WSN [39]. HWSNs has optimized network capacity and introduced high-resource network sensor nodes. An efficient adaptive authentication and key management schemes are being proposed for HWSNs in this article. The proposed protocol provides the authentication and key management for HWSNs along with optimization of security level, memory consumption, computational complexity, and overhead coordination which in effect enhances energy efficiency. The key distribution algorithm described here for producing dynamic keys focuses on pre-existing information. Therefore, the exchange of keys does not involve a secure channel and the process of sharing. Therefore, it increases security and energy efficiency.
We carry out an extensive literature review and make an analysis of the existing techniques for the identification and removal of different forms of attacks within the ad hoc network. Our work culminates with the design of a digitally signed secure acknowledgment algorithm for enhanced security in the ad hoc network. It aims to tackle Watchdog's restricted communication power and collision problems with receivers with better securing the system by securing acknowledgment, node authentication, and packet authentication with digital signature technique.