SECURE DATA TRANSMISSION-USING DYNAMIC ROUTING AND VULNERABILITY EVALUATION


S. Kavin Hari Hara Sudhan (1)
(1) M.Tech student in Computer Science and Engineering, Dr. MGR Educational and Research Institute, Chennai, Tamilnadu, INDIA

Abstract

At present, secure data transmission is achieved with complex cryptographic algorithms. These complex algorithms increase the number of cycles needed to process each byte of data. Because power must be reduced, we have to reduce processing time and power utilization and increase throughput by using less complex cryptographic algorithms. As far as security is concerned, however, these less complex algorithms lag behind, so we adopt dynamic routing with vulnerability evaluation for better security. The proposed method uses dynamic routing and evaluates the vulnerable node as well as the vulnerable path, which increases security and reduces time delay and computation. The dynamic routing has one additional feature to enhance security: no two consecutive packets travel through paths made up of similar nodes. This paper adopts the Blowfish encryption algorithm, which is very simple and consumes less time and less power, as identified by comparison with other encryption algorithms. With the help of this least complex encryption algorithm, we achieve better security by using dynamic routing and vulnerability evaluation.

Key terms: Data transmission, Dynamic routing, Randomization, Security, Vulnerability.

1. Introduction

In the past decades, various security-enhanced measures have been proposed to improve the security of data transmission over public networks. Existing work on security-enhanced data transmission includes the designs of cryptography algorithms and system infrastructures and security-enhanced routing methods. Their common objectives are often to defeat various threats over the Internet, including eavesdropping, spoofing, session hijacking, etc. Among many well-known designs for cryptography-based systems, the IP Security (IPSec) [8] and the Secure Socket Layer (SSL) [4] are popularly supported and implemented in many systems and platforms. Although IPSec and SSL do greatly improve the security level for data transmission, they unavoidably introduce substantial overheads [1], [9], especially on gateway/host performance and effective network bandwidth. For example, the data transmission overhead is 5 cycles/byte over an Intel Pentium II with the Linux IP stack alone, and the overhead increases to 58 cycles/byte when Advanced Encryption Standard (AES) [1] is adopted for encryption/decryption for IPSec.

Another alternative for security-enhanced data transmission is to dynamically route packets between each source and its destination so that the chance for system break-in, due to successful interception of consecutive packets for a session, is slim. The intention of security-enhanced routing is different from the adoption of multiple paths between a source and a destination to increase the throughput of data transmission.

In our proposed work we adopt vulnerability evaluation for both nodes and paths. A vulnerable node is one that has a larger number of connections. A vulnerable path is one that has more nodes to cross to reach the destination.

In particular, Lou et al. [6], [7] proposed a secure routing protocol to improve the security of end-to-end data transmission based on multiple path deliveries. The set of multiple paths between each source and its destination is determined in an online fashion, and extra control message exchanging is needed. Bohacek et al. proposed a secure stochastic routing mechanism to improve routing security.
Similar to the work proposed by Lou et al., a set of paths is discovered for each source and its destination in an online fashion based on message flooding. Thus, a mass of control messages is needed. Yang and Papavassiliou explored the trade-off between the security level and the traffic dispersion. They proposed a traffic dispersion scheme to reduce the probability of eavesdropped information along the used paths, provided that the set of data delivery paths is discovered in advance.

Although excellent research results have been proposed for security-enhanced dynamic routing, many of them rely on the discovery of multiple paths either in an online or offline fashion. For those online path searching approaches, the discovery of multiple paths involves a significant number of control signals over the Internet. On the other hand, the discovery of paths in an offline fashion might not be suitable for networks with a dynamically changing configuration. Therefore, we propose a dynamic routing algorithm to provide security-enhanced data delivery without introducing any extra control messages.

The objective of this work is to explore a security-enhanced dynamic routing algorithm based on distributed routing information widely supported in existing wired and wireless networks. We aim at the randomization of delivery paths for data transmission to provide considerably small path similarity (i.e., the number of common links between two delivery paths) of two consecutive transmitted packets. The proposed algorithm should be easy to implement and compatible with popular routing protocols, such as the Routing Information Protocol (RIP) for wired networks [2] and Destination-Sequenced Distance Vector (DSDV) protocol for wireless networks [3], over existing infrastructures. These protocols shall not increase the number of control messages if the proposed algorithm is adopted. An analytic study will be presented for the proposed routing algorithm, and a series of simulation studies will be conducted to verify the analytic results and to show the capability of the proposed algorithm. Our security-enhanced dynamic routing could be used with cryptography-based system designs to further improve the security of data transmission over networks.

ISSN NO: 225-3536 VOLUME 2, ISSUE 2, MAY 212

2. Existing work

Every node in the network is given a routing table and a link table using the Hello protocol. Security has been enhanced only by using cryptographic algorithms. The construction and maintenance of routing tables are revised based on the well-known Bellman-Ford algorithm. The discovery of paths in an offline fashion, which has been used in the existing system, might not be suitable for networks with a dynamically changing configuration. In the existing system, vulnerability evaluation is not possible.

3. Related work

The proposed algorithm implements popular routing protocols, such as:
1. Routing Information Protocol (RIP) for wired networks
2. Destination-Sequenced Distance Vector (DSDV) protocol for wireless networks.

In those based on RIP, each node maintains a routing table. If the proposed algorithm is implemented over RIP with equal-cost links, then the resulting path set would be the same as that generated by an equal-cost multipath protocol based on RIP.

3.1. Dynamic routing protocol

Function(s) of Dynamic Routing Protocols:
o Dynamically share information between routers.
o Automatically update routing table when topology changes.
o Determine best path to a destination.

Fig 1 - Periodical updating routing table

3.2. Routing Information Protocol (RIP)

The Routing Information Protocol (RIP) is a distance-vector routing protocol, which employs the hop count as a routing metric. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from the source to a destination. The maximum number of hops allowed for RIP is 15. This hop limit, however, also limits the size of networks that RIP can support. A hop count of 16 is considered an infinite distance and is used to deprecate inaccessible, inoperable, or otherwise undesirable routes in the selection process.

How RIP works. What makes RIP work is a routing database that stores information on the fastest route from computer to computer, an update process that enables each router to tell other routers which route is the fastest from its point of view, and an update algorithm that enables each router to update its database with the fastest route communicated from neighboring routers.

Database. Each RIP router on a given network keeps a database that stores the following information for every computer in that network:
o IP Address. The Internet Protocol address of the computer.
o Gateway. The best gateway to send a message addressed to that IP address.
o Distance. The number of routers between this router and the router that can send the message directly to that IP address.
o Route change flag. A flag that indicates that this information has changed, used by other routers to update their own databases.
o Timers. Various timers.

Algorithm. The RIP algorithm works like this:
o Update. At regular intervals each router sends an update message describing its routing database to all the other routers that it is directly connected to. Some routers will send this message as often as every 3 seconds, so that the network will always have up-to-date information to quickly adapt to changes as computers and routers come on and off the network.
o Propagation. When a router X finds that a router Y has a shorter and faster path to a router Z, then it will update its own routing database to indicate that fact. Any faster path is quickly propagated to neighboring routers through the update process, until it is spread across the entire RIP network.

A mathematical description of this algorithm is shown below.

Let D(i,j) be the metric for the best route from router i to router j. Let d(i,j) represent the distance from router i to router j, set to infinite if i and j are the same or if i and j are not immediate neighbors. The best distance is then

$$D(i, i) = 0, \quad \text{for all } i$$
$$D(i, j) = \min_{k} \bigl( d(i, k) + D(k, j) \bigr), \quad \text{for } i \neq j$$

3.2.1. RIP version 1 (RIPv1)

This is a simple distance vector protocol. It has been enhanced with various techniques, including Split Horizon and Poison Reverse, in order to enable it to perform better in somewhat complicated networks. The longest path cannot exceed 15 hops. RIP uses static metrics to compare routes. The maximum datagram size is 512 bytes, not including the IP or UDP headers.

3.2.2. RIP version 2 (RIPv2)

This version added several new features:
o External route tags.
o Subnet masks.
o Next hop router addresses.
o Authentication.
o Multicast support.

3.3. Destination sequenced distance vector (DSDV)

Each entry in the routing table contains a sequence number. The sequence numbers are generally even if a link is present; else, an odd number is used. The number is generated by the destination, and the emitter needs to send out the next update with this number. Routing information is distributed between nodes by sending full dumps infrequently and smaller incremental updates more frequently.

Fig 2 - DSDV

For example, the routing table of Node A in this network is:

Destination   Next Hop   Number of Hops   Sequence Number   Install Time
A             A          0                A 46              1
B             B          1                B 36              12
C             B          2                C 28              15
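The routing tables above give every node a distance to every destination; the following added example (not the paper's code) uses those distances for the randomized delivery and the vulnerable-node evaluation that the paper proposes. The topology, the function names and the rule that a next hop must be strictly closer to the destination are assumptions made for illustration; the paper does not specify them.

```python
import random

INFINITY = 16  # RIP metric for "unreachable"

# Constructed sample topology with unit-cost links (not from the paper).
LINKS = [("S", "A"), ("S", "B"), ("S", "C"), ("A", "B"), ("A", "D"),
         ("B", "D"), ("B", "E"), ("C", "E"), ("D", "T"), ("E", "T")]


def adjacency(links):
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def distance_vectors(adj):
    """Iterate D(i,j) = min_k (d(i,k) + D(k,j)), D(i,i) = 0, until stable."""
    D = {i: {j: 0 if i == j else INFINITY for j in adj} for i in adj}
    changed = True
    while changed:
        changed = False
        for i in adj:
            for j in adj:
                if i == j:
                    continue
                best = min(1 + D[k][j] for k in adj[i])
                if best < D[i][j]:
                    D[i][j] = best
                    changed = True
    return D


def candidates(adj, D, node, dst):
    """Assumed rule: only neighbours strictly closer to dst are usable,
    which keeps every randomized path loop-free."""
    return sorted(k for k in adj[node] if D[k][dst] < D[node][dst])


def send_packet(adj, D, src, dst, history, rng):
    """Forward one packet; each node avoids the next hop it used last time."""
    path, node = [src], src
    while node != dst:
        options = candidates(adj, D, node, dst)
        if not options:
            raise ValueError(f"{dst} unreachable from {node}")
        fresh = [k for k in options if k != history.get(node)] or options
        nxt = rng.choice(fresh)
        history[node] = nxt
        path.append(nxt)
        node = nxt
    return path


def _links(path):
    return {frozenset(hop) for hop in zip(path, path[1:])}


def path_similarity(p, q):
    """Number of links two delivery paths have in common."""
    return len(_links(p) & _links(q))


def node_vulnerability(adj):
    """(connection count, node) pairs, most connected node first."""
    return sorted(((len(nbrs), n) for n, nbrs in adj.items()), reverse=True)


def simulate(packets=50, seed=7):
    adj = adjacency(LINKS)
    D = distance_vectors(adj)
    rng, history = random.Random(seed), {}
    return [send_packet(adj, D, "S", "T", history, rng) for _ in range(packets)]


if __name__ == "__main__":
    paths = simulate()
    worst = max(path_similarity(p, q) for p, q in zip(paths, paths[1:]))
    print("distinct paths used:", len({tuple(p) for p in paths}))
    print("max links shared by consecutive packets:", worst)
    print("most connected node:", node_vulnerability(adjacency(LINKS))[0])
```

Because the source has three candidate next hops and never repeats its previous choice, two consecutive packets always leave on different links and can share at most the final link into the destination.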

International Journal of Advanced Technology & Engineering Research (IJATER)

If a router receives new information, then it uses the latest sequence number. If the sequence number is the same as the one already in the table, the route with the better metric is used. Stale entries are those entries that have not been updated for a while. Such entries, as well as the routes using those nodes as next hops, are deleted.

3.4. Vulnerability evaluation protocol

3.4.1. Evaluating vulnerable node

A node that has more connections is said to be a vulnerable node. This evaluation will reduce the chance of getting hacked.

3.4.2. Evaluating vulnerable path

A path that has more nodes to cross is said to be a vulnerable path. These evaluations will be useful in future routing.

3.5. Comparison between various cryptographic algorithms

Encryption time is used to calculate the throughput of an encryption scheme. In this section, we calculated CPU work load, encryption throughput and power consumption for encrypting text files without transmission, to show which encryption is more powerful than others. The CPU work load (millisecond), throughput (megabytes/second), power consumption (micro joule/byte), and power consumption (percent of battery consumed) are shown in Fig 4.

[Figure: 1. CPU work load]
[Figure: 2. Encryption throughput; axis: Throughput (Megabyte/sec)]
[Figure: 3. Power consumption (Micro joule/byte)]
[Figure: 4. % of battery power consumed]

[Figure: 5. Time consumption]

From the above comparison we can identify that the Blowfish algorithm is the least complex when compared with other algorithms. According to this comparison, the Blowfish algorithm has less CPU work load, high encryption throughput, less power consumption, less time consumption, and less cost. By using such a least complex and less secure cryptographic algorithm in our proposed work, we can achieve high security by using dynamic routing and vulnerability evaluation.

3.6. BLOWFISH ALGORITHM

The input is a 64-bit data element, x.
Step 1: Divide x into two 32-bit halves: xL, xR
Step 2: For i = 1 to 16:
Step 3:     xL = xL XOR Pi
Step 4:     xR = F(xL) XOR xR
Step 5:     Swap xL and xR
        Next i
Step 6: Swap xL and xR (Undo the last swap.)
Step 7: xR = xR XOR P17
Step 8: xL = xL XOR P18
Step 9: Recombine xL and xR

Function F:
Step 1: Divide xL into four eight-bit quarters: a, b, c, and d
Step 2: F(xL) = ((S1,a + S2,b mod 2^32) XOR S3,c) + S4,d mod 2^32
Step 3: Decryption is exactly the same as encryption, except that P1, P2, ..., P18 are used in the reverse order.

Generating the subkeys:
The subkeys are calculated using the Blowfish algorithm. The exact method is as follows:
1. Initialize first the P-array and then the four S-boxes, in order, with a fixed string. This string consists of the hexadecimal digits of pi (less the initial 3). For example:
   P1 = 0x243f6a88
   P2 = 0x85a308d3
   P3 = 0x13198a2e
   P4 = 0x03707344
2. XOR P1 with the first 32 bits of the key, XOR P2 with the second 32 bits of the key, and so on for all bits of the key (possibly up to P14). Repeatedly cycle through the key bits until the entire P-array has been XORed with key bits. (For every short key, there is at least one equivalent longer key; for example, if A is a 64-bit key, then AA, AAA, etc., are equivalent keys.)
3. Encrypt the all-zero string with the Blowfish algorithm, using the subkeys described in steps (1) and (2).
4. Replace P1 and P2 with the output of step (3).
5. Encrypt the output of step (3) using the Blowfish algorithm with the modified subkeys.
6. Replace P3 and P4 with the output of step (5).
7. Continue the process, replacing all entries of the P-array, and then all four S-boxes in order, with the output of the continuously changing Blowfish algorithm.

In total, 521 iterations are required to generate all required subkeys. Applications can store the subkeys rather than execute this derivation process multiple times.

IGN-ARCHITECTURE DIAGRAM

Fig 3 - Architecture diagram
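The steps of section 3.6 as an added, runnable example (not the paper's code): the P-array and S-boxes are derived by computing the hexadecimal digits of pi, then the key schedule and the 16 rounds follow the steps listed above. The class and function names are chosen here for illustration.

```python
MASK = 0xFFFFFFFF


def pi_fraction_words(count):
    """First `count` 32-bit words of the fractional part of pi (Machin's formula)."""
    bits = 32 * count + 64                      # 64 guard bits absorb rounding
    one = 1 << bits

    def arctan_inv(x):                          # arctan(1/x) scaled by 2**bits
        total = term = one // x
        n, sign = 3, -1
        while term:
            term //= x * x
            total += sign * (term // n)
            n, sign = n + 2, -sign
        return total

    pi = 4 * (4 * arctan_inv(5) - arctan_inv(239))
    frac = (pi - 3 * one) >> 64                 # drop the "3." and the guard bits
    return [(frac >> (32 * (count - 1 - i))) & MASK for i in range(count)]


PI_WORDS = pi_fraction_words(18 + 4 * 256)      # P1..P18, then S-boxes 1..4


class Blowfish:
    def __init__(self, key: bytes):
        if not 1 <= len(key) <= 56:
            raise ValueError("key must be 1 to 56 bytes (up to 448 bits)")
        self.P = PI_WORDS[:18]                  # step 1: pi digits (copies)
        self.S = [PI_WORDS[18 + 256 * i: 18 + 256 * (i + 1)] for i in range(4)]
        for i in range(18):                     # step 2: cycle the key into P
            word = bytes(key[(4 * i + j) % len(key)] for j in range(4))
            self.P[i] ^= int.from_bytes(word, "big")
        left = right = 0                        # step 3: all-zero block
        for table in [self.P] + self.S:         # steps 4-7: 9 + 4*128 = 521 runs
            for i in range(0, len(table), 2):
                left, right = self._rounds(left, right, self.P)
                table[i], table[i + 1] = left, right

    def _f(self, x):
        s1, s2, s3, s4 = self.S
        a, b, c, d = x >> 24, (x >> 16) & 0xFF, (x >> 8) & 0xFF, x & 0xFF
        return ((((s1[a] + s2[b]) & MASK) ^ s3[c]) + s4[d]) & MASK

    def _rounds(self, left, right, p):
        for i in range(16):
            left ^= p[i]
            right ^= self._f(left)
            left, right = right, left
        left, right = right, left               # undo the last swap
        return left ^ p[17], right ^ p[16]

    def _block(self, data: bytes, p):
        if len(data) != 8:
            raise ValueError("Blowfish works on 8-byte blocks")
        left = int.from_bytes(data[:4], "big")
        right = int.from_bytes(data[4:], "big")
        left, right = self._rounds(left, right, p)
        return left.to_bytes(4, "big") + right.to_bytes(4, "big")

    def encrypt_block(self, data: bytes) -> bytes:
        return self._block(data, self.P)

    def decrypt_block(self, data: bytes) -> bytes:
        return self._block(data, self.P[::-1])  # same rounds, P18 down to P1


if __name__ == "__main__":
    cipher = Blowfish(bytes(8))                 # constructed all-zero key
    print(cipher.encrypt_block(bytes(8)).hex())
```

The class handles single 8-byte blocks only; longer messages need a mode of operation, and the 64-bit block size bounds how much data should be encrypted under one key.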

Here we explore a security-enhanced dynamic routing algorithm based on distributed routing information widely supported in existing wired and wireless networks. We aim at the randomization of delivery paths for data transmission to provide considerably small path similarity (i.e., the number of common links between two delivery paths) of two consecutive transmitted packets. The proposed algorithm should be easy to implement and compatible with popular routing protocols, such as the Routing Information Protocol (RIP) for wired networks and Destination-Sequenced Distance Vector (DSDV) protocol for wireless networks, over existing infrastructures. These protocols shall not increase the number of control messages if the proposed algorithm is adopted. The analytic study will be presented for the proposed routing algorithm, and a series of simulation studies will be conducted to verify the analytic results and to show the capability of the proposed algorithm.

4. Conclusion

The proposed system adopts Blowfish, which is the least complex among many cryptographic algorithms. With such an algorithm, we can achieve better security by using dynamic routing and vulnerability evaluation. This paper has proposed a security-enhanced dynamic routing algorithm based on distributed routing information widely supported in existing networks for secure data transmission and vulnerability evaluation as precautionary measures. The proposed algorithm is easy to implement and compatible with popular routing protocols, such as RIP and DSDV, over existing infrastructures. The above procedure sends the data more securely by encrypting it; the encrypted data then undergoes the dynamic routing process, which is more secure in transferring the data from hop to hop. The proposed system will improve throughput, security, routing, and vulnerability evaluation.

References

[1] G. Apostolopoulos, V. Peris, P. Pradhan, and D. Saha, Securing Electronic Commerce: Reducing the SSL Overhead, IEEE Network, 2.
[2] G. Malkin, Routing Information Protocol (RIP) Version 2 Carrying Additional Information, Request for comments (RFC 1723), Nov. 1994.
[3] C. Perkins and P. Bhagwat, Highly Dynamic Destination-Sequenced Distance-Vector Routing (DSDV) for Mobile Computers, Proc. ACM SIGCOMM 94, pp. 234-244, 1994.
[4] Secure Sockets Layer (SSL), http://www.openssl.org/, 28.
[5] S. Bohacek, J.P. Hespanha, K. Obraczka, J. Lee, and C. Lim, Enhancing Security via Stochastic Routing, Proc. 11th Int'l Conf. Computer Comm. and Networks (ICCCN), 22.
[6] W. Lou and Y. Fang, A Multipath Routing Approach for Secure Data Delivery, Proc. IEEE Military Comm. Conf. (MilCom), 21.
[7] W. Lou, W. Liu, and Y. Fang, SPREAD: Improving Network Security by Multipath Routing, Proc. IEEE Military Comm. Conf. (MilCom), 23.
[8] R. Thayer, N. Doraswamy, and R. Glenn, IP Security Document Roadmap, Request for comments (RFC 2411), Nov. 1998.
[9] S.-H. Liu, Y.-F. Lu, C.-F. Kuo, A.-C. Pang, and T.-W. Kuo, The Performance Evaluation of a Dynamic Configuration Method over IPSEC, Proc. 24th IEEE Real-Time Systems Symp.: Works in Progress Session (RTSS WIP), 23.
[10] C. Kaufman, R. Perlman, and M. Speciner, Network Security PRIVATE Communication in a PUBLIC World, second ed. Prentice Hall PTR, 22.

Biographies

(1) Author S. Kavin Hari Hara Sudhan is an M.Tech student in computer science & engineering, Dr. MGR University, Chennai, Tamil Nadu, India. He has published 1 paper in an international conference and 2 papers in national conferences. He can be contacted through mailmekavin.s@gmail.com