Upload
vuongtruc
View
216
Download
1
Embed Size (px)
Citation preview
SECURE AND ENERGY EFFICIENT ROUTING
ALGORITHMS IN CLUSTER BASED AD HOC NETWORKS
NING SONG
Submitted in partial fulfillment of the requirements for the degree of
Doctor of Philosophy
Electrical and Computer Engineering
Prairie View A&M University
August, 2007
Prof. Lijun Qian, ECE Dept., Advisor
Prof. Dhadesugoor R. Vaman, ECE Dept., Co-Advisor
Prof. John O. Attia, ECE Dept., Committee Member
Prof. Yonggao Yang, CS Dept., Committee Member
Prof. Matthew N. O. Sadiku, ECE Dept., Committee Member
Dr. Shukri Wakid, Hewlett Packard, Committee Member
ii
COPYRIGHT
BY
ARO Center for Battlefield Communications (CeBCom) Research
Department of Electrical and Computer Engineering
Prairie View A&M University
Prairie View, Texas 77446
iii
ABSTRACT OF THE DISSERTATION
Secure and Energy Efficient Routing Algorithms in Cluster Based
Mobile Ad Hoc Networks
by
Ning Song
Dissertation Directors: Professor Lijun Qian, Professor Dhadesugoor R. Vaman
Mobile Ad Hoc Network (MANET) architectures have no fixed infrastructures and
therefore rely heavily on peer-to-peer and multi-hop communications across the radios.
They are severely limited in network capacity and processing power. The power of the
battery in a radio has to be used efficiently in order to support multi-service applications
provisioning. Also, MANET architecture design and underlying algorithms for various
functional components must assure that the network is scalable, bandwidth efficient and
power efficient. In addition, the Quality of Service (QoS) assurance for multi-service
must be achieved with high probability.
In this dissertation, the objective is to design routing protocols that satisfy the
requirements of scalability, power efficiency, bandwidth efficiency and multi-service. In
addition, the routing protocol must maintain minimum security in terms of anonymity on
the connected path between any two radios that are exchanging information. Since the
iv
anonymity is only an option in specific applications such as battlefield network
architecture and not commercial network architecture, two routing algorithms have been
designed and their performance results have been shown in this dissertation. The power
aware QoS multi-path routing is designed for applications which highly require energy
efficiency and QoS assurance. In this scheme, the power control is combined with the
constraint of minimal data rate, which is chosen for QoS assurance; in addition, a realistic
interference model is considered in power control which is ignored in most of power
related routings; maximally disjoint path and dynamic switching scheme are adopted to
guarantee reliability and throughput. Moreover, this scheme is extended to cluster based
architecture so as to achieve scalability. Furthermore, to satisfy the requirement for the
security in battlefield network, the cluster based secure anonymous routing (SARC) is
developed and analyzed to achieve anonymity, including identity privacy and location
privacy, as well as data security. These routing schemes can be integrated in the MANET
architecture and provide multiple choices for different applications.
This research work is supported in part by the U.S. Army Research Office/Army Research Laboratory
(ARO/ARL) under the Cooperative Agreement No.W911NF-04-2-0054. The views and conclusions
contained in this dissertation are those of the author and should not be interpreted as representing the
official policies, either expressed or implied, of the Army Research Office or the U. S. Government.
v
ACKNOWLEDGEMENTS
I would like to express my gratitude to my advisors, Professor Lijun Qian and
Professor Dhadesugoor R. Vaman for their constant and generous guidance, support and
encouragement throughout my Ph. D. studies at Prairie View A&M University.
I would like to thank Professors John O. Attia, Matthew N. O. Sadiku, Yonggao
Yang, and Dr. Shukri Wakid for reading my dissertation, accepting to be on my
dissertation committee and for providing valuable comments and suggestions.
Also, I would like to offer my sincere appreciation to the U.S. Army Research
Office/Army Research Laboratory (ARO/ARL) for supporting my research under the
Cooperative Agreement No.W911NF-04-2-0054.
Finally I would like to thank the Electrical and Computer Engineering Department
for offering me the opportunity to study in this Ph. D. program.
vi
To my parents, my wife and my son
To my sister and my brother
To all the people who have helped or encouraged me
vii
TABLE OF CONTENTS
ABSTRACT OF THE DISSERTATION.................................................................................. III
ACKNOWLEDGEMENTS ......................................................................................................... V
LIST OF TABLES........................................................................................................................ X
LIST OF FIGURES .....................................................................................................................XI
LIST OF ABBREVIATIONS ................................................................................................. XIII
1 INTRODUCTION................................................................................................................. 1
1.1 OVERVIEW .........................................................................................................................................1
1.2 MOTIVATION .....................................................................................................................................3
1.3 PROBLEM STATEMENT.......................................................................................................................6
1.4 SCOPE OF RESEARCH .........................................................................................................................6
1.5 OBJECTIVE OF RESEARCH ..................................................................................................................8
2 BACKGROUND RESEARCH WORKS.......................................................................... 10
2.1 CURRENT ROUTING PROTOCOLS......................................................................................................10
2.1.1 Uniform Topology Routing....................................................................................................11
2.1.2 Hierarchical Routing.............................................................................................................13
2.1.3 Power-Aware and QoS Routing ............................................................................................15
2.1.4 Secure Routing.......................................................................................................................17
2.2 PROBLEMS OF CURRENT RESEARCH EFFORTS .................................................................................19
3 CLUSTER BASED ARCHITECTURE FOR MANET................................................... 21
3.1 BASIC ASSUMPTION AND REQUIREMENT .........................................................................................22
3.2 CLUSTER STRUCTURE ......................................................................................................................23
3.2.1 Network Components.............................................................................................................23
3.2.2 Network Topology .................................................................................................................24
viii
4 POWER AWARE QOS MULTI-PATH ROUTING....................................................... 27
4.1 POWER CONTROL FRAMEWORK AND POWER CONTROL CONNECTIVITY .........................................28
4.1.1 Power Control Framework....................................................................................................29
4.1.2 Centralized Solution ..............................................................................................................30
4.1.3 Distributed Schemes ..............................................................................................................31
4.2 POWER AWARE QOS MULTI-PATH ROUTING ...................................................................................33
4.3 DYNAMIC TRAFFIC SWITCHING .......................................................................................................38
4.4 PERFORMANCE EVALUATION...........................................................................................................41
4.4.1 Simulation Setup....................................................................................................................41
4.4.2 Maximally Disjoint Routing With Different Interference Model ...........................................42
4.4.3 Comparison of SMR, MPSMR, BESMR ................................................................................43
4.4.4 Dynamic Traffic Switching ....................................................................................................46
4.4.5 Effect of Node Mobility..........................................................................................................48
4.4.6 Overhead and Scalability Analysis ........................................................................................50
4.5 EXTENSION TO CLUSTER BASED ARCHITECTURE ............................................................................53
5 SECURE ANONYMOUS ROUTING FOR CLUSTER BASED MANET.................... 58
5.1 SECURITY ARCHITECTURE AND ASSUMPTION..................................................................................58
5.1.1 Cluster Affiliation ..................................................................................................................59
5.1.2 Nodes Join or Leave a Cluster ..............................................................................................60
5.1.3 Key Management ...................................................................................................................61
5.2 SECURE ANONYMOUS ROUTING ......................................................................................................62
5.2.1 Intra-cluster Secure Anonymous Routing..............................................................................62
5.2.2 Inter-cluster Secure Anonymous Routing ..............................................................................66
5.2.3 Efficiency Analysis.................................................................................................................70
5.3 DATA TRANSMISSION ......................................................................................................................72
5.4 ANONYMITY ANALYSIS AND ATTACK ANALYSIS ............................................................................73
5.4.1 Anonymity Analysis ...............................................................................................................73
5.4.2 Attack Analysis ......................................................................................................................81
ix
5.5 PERFORMANCE EVALUATIONS .........................................................................................................83
5.5.1 Implementation Overhead Analysis .......................................................................................83
5.5.2 Route Establish Time.............................................................................................................85
5.5.3 Packet Delivery Ratio............................................................................................................88
5.6 COMPARISONS BETWEEN SECURE ANONYMOUS ROUTING PROTOCOLS...........................................90
5.7 COMPARISONS WITH POWER AWARE QOS ROUTING .......................................................................91
5.8 SYSTEM INTEGRATION OF QOS ROUTING AND ANONYMOUS ROUTING ...........................................95
6 CONCLUSIONS AND FUTURE WORKS ...................................................................... 98
6.1 CONCLUSIONS..................................................................................................................................98
6.2 FUTURE WORKS.............................................................................................................................101
APPENDIX A............................................................................................................................. 103
REFERENCES........................................................................................................................... 105
CURRICULUM VITAE.…..………………………….……………………………………….112
x
LIST OF TABLES
Table 4-1 Comparisons of Routing Schemes with Different Models............................... 43
Table 4-2 Performance Results of Routing and Data Delivery ........................................ 52
Table 4-3 Convergence and Overhead of the Proposed Scheme...................................... 52
Table 5-1 Cluster Member’s Table ................................................................................... 61
Table 5-2 Name-Public Key Mapping Table.................................................................... 64
Table 5-3 Comparisons between Anonymous Routing Protocols .................................... 90
Table 5-4 Comparisons of Three Routing Schemes ......................................................... 97
xi
LIST OF FIGURES
Fig. 3.1 Intra-cluster Communication............................................................................... 24
Fig. 3.2 Inter-cluster Communication............................................................................... 26
Fig. 4.1 Distributed Algorithm for Power Controlled Connectivity Graph...................... 33
Fig. 4.2 Node-Disjoint vs. Link-Disjoint Paths ................................................................ 34
Fig. 4.3 An Iterative Algorithm for Joint Power Control and Maximally Disjoint Routing
........................................................................................................................................... 38
Fig. 4.4 Software Agent for Traffic Monitoring and Switching ....................................... 40
Fig. 4.5 Cumulative Distribution Function (CDF) of the Remaining Energy at Each Node
........................................................................................................................................... 44
Fig. 4.6 Network Lifetime ................................................................................................ 45
Fig. 4.7 Standard Deviation of the Remaining Energy at Each Node (50 nodes) ............ 46
Fig. 4.8 Performance Index (throughput, delay and BER) during Traffic Switching due to
Node Mobility................................................................................................................... 47
Fig. 4.9 Average Number of Re-routing and Average Number of Neighbors vs. Node
Mobility............................................................................................................................. 49
Fig. 4.10 Link Broken Probability .................................................................................... 54
Fig. 4.11 Multi-path Routing between Clusters................................................................ 56
Fig. 5.1 Intra-cluster Routing............................................................................................ 63
Fig. 5.2 Inter-cluster Routing............................................................................................ 66
Fig. 5.3 Anonymity Degree of Intra-cluster Routing........................................................ 76
xii
Fig. 5.4 Example of Inter-cluster Node Distribution ........................................................ 78
Fig. 5.5 Anonymity Degree of Inter-cluster Routing........................................................ 80
Fig. 5.6 Intra-cluster Routing: Packet Fields .................................................................... 84
Fig. 5.7 Inter-cluster Routing: Packet Fields .................................................................... 84
Fig. 5.8 Routing Overhead of SARC and CBRP for Inter-cluster Routing...................... 85
Fig. 5.9 Topology of the Network (GW: square; CM: round).......................................... 87
Fig. 5.10 Inter-cluster Route Establish Time (with and without key index)..................... 88
Fig. 5.11 Packet Delivery Ratio under Different Node Speeds ........................................ 89
Fig. 5.12 Network Topology............................................................................................. 92
Fig. 5.13 Power Consumption .......................................................................................... 94
Fig. 5.14 Routing Overhead.............................................................................................. 94
Fig. 5.15 Routing Schemes Integration............................................................................. 96
xiii
LIST OF ABBREVIATIONS
AODV Ad-hoc On-demand Distance Vector
AODVM Ad hoc On-demand Distance Vector Multi-path Routing
AOMDV Ad hoc On-demand Multi-path Distance Vector
ASR Anonymous Secure Routing
BESMR Balanced Energy Split Multi-path Routing
CA Certificate Authority
CH Cluster Head
CBRP Cluster Based Routing Protocol
CDF Cumulative Distribution Function
CGSR Cluster-Head Gateway Switch Routing
CH Cluster Head
CM Cluster Member
CN Cluster Name
DoS Denial-of-Service
DSDV Dynamic Destination-Sequenced Distance Vector Routing
DSR Dynamical Source Routing
FSR Fisheye State Routing
HSR Hierarchical State Routing
GW Gateway
IP International Protocol
xiv
IV Initialization Vector
KP Private Key
KU Public Key
MANET Mobile Ad Hoc Network
MPSMR Minimum Power Split Multi-path Routing
MSR Multi-path Source Routing
PK Public Key
PKI Public Key Infrastructure
QoS Quality of Service
RREQ Routing Request
RRSP Routing Response
RSA Rivest, Shamir, and Adleman
SARC Secure Anonymous Routing scheme for Cluster based MANET
SEAD Secure Efficient Distance Vector Routing
SIR Signal-to-Interference Ratio
SMR Split Multi-path Routing
SRP Secure Routing Protocol
ZRP Zone Routing Protocol
1
CHAPTER 1
INTRODUCTION
1.1 Overview
A wireless mobile ad hoc network (MANET) is a collection of mobile wireless radios
that are capable of communicating with each other without the aid of any established
infrastructure or centralized management. The radios within a coverage area can
communicate directly by wireless links, while those out of coverage area can
communicate by relaying through multiple radios. Thus, intermediate radios act as hops
in a multi-hop connected path between a source radio and a destination radio. Mobile ad
hoc networks require dynamic self-organizing ability to establish path connectivity
between radios. The complexity of managing continuous path connectivity becomes
higher as the radios are highly mobile and mobility of any radio within the path is random.
Since MANET architectures do not have the concept of Base Station as in the case of
cellular networks, they are required to support peer-to-peer path connectivity and multi-
hop connectivity in order to support multi-service provisioning. They are also required to
handle mobility of the radios by switching and maintaining connectivity to support
services with Quality of Service (QoS) assurance. That is, the radios must be seamlessly
connected in coverage areas and out-of-coverage areas without any fixed
communications infrastructure [1]. Therefore, peer-to-peer connectivity amongst radios
2
and multi-hop connectivity of radios are both needed to ensure multi-service applications
(such as voice, video and data) to maintain QoS assurance with high probability [2].
Unlike classical Internet or cellular networks, where network nodes and end user
devices are different, in MANETs the radios and the network nodes are the same and the
radios can be referred to as nodes. In the remainder of the text, from an architectural point
of view, “radios” will be referred to as “nodes”. In some instances, they are
interchangeably used. In general, MANET architecture consists of the following features
[2, 3]:
• Autonomous and distributed operation - In MANET, each node or radio is
autonomous in the sense it functions as both end system and as a relay that routes
the messages from other nodes. That is, it has a routing function as a relay, but it
is not a typical router. Moreover, nodes collaborate with each other to
independently implement control and management function such as security and
connectivity of paths (both peer-to-peer and multi-hop paths).
• Multi-hop communication - When delivering information packet from a source
to its destination not within a direct wireless transmission range, the packets
should be forwarded via one or more intermediate nodes, using “multi-hop
connected paths”. Because of multi-hop, source can transmit packet to farther
distance while still satisfying the desired throughput.
• Power Control – Power control is a deliberate process to achieve energy
efficiency for exchanging packets between source and destination. For example, if
a peer-to-peer path is used between two nodes for exchanging packets, the power
required to transmit the packets from a source can be large as they are
3
geographically separated within a coverage area. On the other hand, if a multi-hop
path is used, where the geographic separation between adjacent nodes within the
path is smaller, it is possible that the total sum transmit powers of all nodes in the
multi-hop path can be smaller than that of the direct peer-to-peer path between the
source and the destination. Therefore, choosing a multi-hop path in this instance
increases power efficiency. Increased power efficiency enables the use of radio
for longer duration without requiring re-charging.
• Dynamic and flexible network topology - Since MANET architectures have no
fixed nodes (i.e. the nodes are mobile), they need dynamic path creation for data
exchanges between any two nodes. Also, since the paths are “lost and created”
due to mobility of nodes, the network topology is flexible.
Because of the above features, MANET architectures offer unique opportunities for rapid
network deployments for specific scenarios such as battlefield communications, and
commercial space and sea based communications, while its complexity to manage
provisioning of QoS assured multi-service applications and/or anonymity of path
connectivity must be handled with greater care to ensure bandwidth efficiency since
wireless networks have limited capacities. The bandwidth used for managing and
controlling the network must be minimal and most of the available bandwidth has to be
used for end user applications [1, 2, 3, 4, 5].
1.2 Motivation
Despite MANETs having limitations on capacity, transmit power of the nodes; their
usage is very compelling both in military and civilian environments due to their quick
4
and easy deployment. The military application mainly stems from deployment of
battlefield communications to support dismounted soldiers, air and ground vehicles, and
sensor networking. The civilian applications typically come from the need to deploy
sensors in unmanned environments such as oil fields, nuclear reactors and thermal
reactors. However, while the application of MANET is most compelling as a dual-use
technology, achieving power efficient multi-hop connectivity to deliver packets across
the network with mobility handling and design of scalable MANET architecture are the
most challenging aspects. Creating a multi-hop connectivity requires choosing nodes to
forward packets from a source to a destination. In addition, selecting an alternate route
when one or more of nodes in a connected path has moved and thereby disconnect the
path needs to be achieved without disrupting the end-to-end multi-service provisioning.
These two functions are accomplished by the routing function and thus making routing
function a significant issue.
Scalability is an aspect associated with the increasing of the assets in the network
when needed. Also, any optimal design achieved for routing with a small set of nodes
should also be applicable for large set of nodes. Typically in a deployment strategy, a
small finite set of nodes are deployed and later more nodes are added without disrupting
the performance of the previously deployed nodes. It has been shown that MANET
scalability is easily achievable using Cluster-based Architecture with efficient distributed
network management [2]. This dissertation uses the Cluster-Based MANET architecture
proposed by Vaman to develop power efficient multi-hop connectivity to deliver packets
across the network with mobility handling [2].
5
It should be noted that because of the high mobility of nodes and vulnerability of
attack on nodes in MANET, traditional routing methods cannot be directly applied. Also,
provisioning of QoS assurance based multi-service applications support in a dynamically
changing network architecture where new paths must be found instantaneously in order to
maintain QoS assurance is a challenging task [3]. Applications such as image
transmission would require high data rate; whereas voice application would require low
latency. Thus achieving diverse QoS requirements is a significant issue in MANETs due
to the inherent stochastic nature of wireless communications. Unlike wired link, a
wireless link is easily damaged, even broken if the node moves out of range or if it is
interfered by channel fading or jamming signals.
Furthermore, security and privacy are also very important issues in the applications
of MANET. Especially in battlefield, it is extremely important to keep the privacy of the
node location, node identity as well as to guarantee the peer-to-peer authentication, data
confidentiality, and data integrity. However, unlike wired network, MANET is very
vulnerable on security and privacy. Since signal is transmitted and received through the
air, malicious node can easily launch an attack actively or simply eavesdrop on the data
packet. Additionally, MANET cannot simply adopt the security techniques based on
public key infrastructure due to the limit of low memory and computation capacity and
non-infrastructure feature. Therefore, secure anonymous routing is a huge challenge in
MANET. Many researchers are attempting to address these issues, but there have been no
known solutions as of today. All of these issues collectively provide the basic motivation
and lead us to the following problem statement for this dissertation.
6
1.3 Problem Statement
“To design and develop power efficient, secure anonymous routing algorithms for
provisioning of QoS assured multi-services using scalable Cluster Based MANET that
can be flexibly deployed with large number of nodes”.
1.4 Scope of Research
The scope of this dissertation is in the general area of designing efficient routing
protocols for MANET. The design must ensure that it allows network scalability,
provides QoS assurance to applications and protects the network nodes by maintaining
node anonymity when required.
Network architecture has great impact on the design of routing protocol. For instance,
routing designs are very different between wireless sensor network and wireless Local
Area Network (LAN). Clustering is a very effective technique to achieve scalability and
distributed control for ad hoc network, therefore this dissertation focuses on routing in
cluster based mobile ad hoc networks. In this dissertation, architecture design is not the
research goal, whereas we adopt a two tier cluster-based architecture which was proposed
by Vaman [6]. In this architecture, each cluster is composed of cluster head and node.
Cluster heads can communicate directly to their neighbor cluster heads, or communicate
by multi-hop connectivity through node. The node can accept and relay within its
transmission range (in cluster or between clusters). However, no fixed gateway is needed
in this architecture.
QoS is a measure of performance level of a service offered by the network to the
user, including minimum data rate, data throughput, maximum delay, maximum delay
7
jitter, and maximum packet loss rate. However, in this dissertation, as part of QoS
assurance for multi-service applications, only the minimum rate guarantee has been
considered. The use of minimum rate guarantees for different multi-service applications
provides a basis for service differentiation.
The aims of power control are to save the power expenditure, reduce the channel
interference and improve the throughput under low power. Channel interference can be
caused by a node when transmitting at a high power; consequently, it can deteriorate the
link quality and reduce the throughput. For wireless device, power expenditure includes
transmit, receive and sleep power. In this dissertation, we only consider the transmit
power for developing power efficient routing, assuming transmit power is the dominant
factor. Depending on the data transmission requirement to maintain QoS assurance and
the geographic distance between source and destination radios, the transmission power is
varied.
Security issue is limited to address the anonymity of the nodes both in terms of node
identity and node location. Security breach directly impacts the QoS assurance as it can
severely limit the service provisioning. For example, the data rate will deteriorate if an
attacker in the path arbitrarily drops the data packet or forwards packet to wrong
destination. Anonymity is one type of security, which means to keep the node identity
anonymous, hide node location and protect against the correlation between nodes. When
MANET is deployed in battlefield, anonymity of many nodes must be protected
particularly when these nodes are directly involved in the theater. The cluster based
MANET requires cluster head to manage the cluster and it is an important node. It may
8
be deployed by a ground or air vehicle. Anonymity is very crucial for this node. Similarly,
the radios of dismounted soldiers are also needed to be protected.
1.5 Objective of Research
The objective of this dissertation is to design reliable routing protocol for Scalable
Cluster Based MANET that achieves power efficiency, application QoS and anonymity
of nodes.
For achieving this objective, we consider the cluster based MANET architecture. The
design of the routing protocol satisfies the following features:
• Scalability - To support large scale network deployment and dynamic changing
of topology.
• Energy efficiency - To minimize the total transmission power consumption
• Energy balance - To balance the node power consumption, so as to extend
network lifetime.
• QoS assurance - To guarantee the average minimal data transmission rate.
• Reliability - To accommodate node mobility and node failures
• Bandwidth efficiency - To utilize the bandwidth efficiently.
• Security - To provide node identity anonymity and location anonymity.
It is important to note that an efficient routing protocol without providing anonymity of
the nodes is different from that of a routing protocol that provides node anonymity. In
this dissertation, two routing protocols have been designed and implemented. One
achieves power efficiency and QoS assurance for applications without considering node
anonymity; the second achieves power efficiency and QoS assurance for applications
9
with node anonymity. Depending on the environment where MANET is deployed, it is
possible to choose either one of these routing protocols. Also, for the same MANET, it is
possible to deploy both the routing schemes for different applications.
The rest of this dissertation is organized as follows. In chapter 2, the background
research works and the open problems in MANET routing are introduced. In Chapter 3,
the proposed cluster based architecture is discussed. The power aware QoS routing
protocol is addressed in Chapter 4. In Chapter 5, the cluster based anonymous routing,
which is the first in the literature to discuss the anonymity in cluster based ad hoc
network, is developed. Finally the concluding remarks are made in Chapter 6.
10
CHAPTER 2
BACKGROUND RESEARCH WORKS
2.1 Current Routing Protocols
A great number of routing protocols have been proposed for MANET, which can be
classified into several types based on different criteria. Sometimes, these classifications
are not mutually exclusive and some protocols might fall in more than one class. In this
chapter, routing protocols are classified as the following categories [5]:
• Uniform topology routing – Uniform routing adopts a globally unique
addressing mechanism, and thus there is no hierarchical infrastructure. Nodes are
identical. In this dissertation, uniform routing is mainly based on node distance,
hop count or routing overhead.
• Hierarchical routing - Like uniform routing, hierarchical routing uses distance
or overhead as routing metric. However, hierarchical routing makes use of a
logical hierarchy, which is mainly based on the geographical information and
distance; therefore, nodes in different ranks function distinctively.
• Power-aware and QoS routing - Power-aware routing is based on power or
energy metric, and aims at how to minimize power consumption locally or
globally and increase network lifetime. QoS mainly focus on the level of service
offered by the network to the user, including minimum data rate, maximum delay,
maximum delay jitter, and maximum packet loss rate.
11
• Secure routing - This type of protocol mainly considers the requirements of
security and privacy. Generally it can be divided into two sub classes: secure
routing and anonymous routing.
2.1.1 Uniform Topology Routing
2.1.1.1 Single Path Routing
There are two types of routing protocols in MANET: proactive and on-demand (or
reactive) routing.
Proactive routing requires maintaining the global topology information in the form of
tables at every node, and these tables are updated frequently in order to maintain
consistent and accurate network state information. Many protocols are designed for
proactive routing, such as Destination-Sequenced Distance Vector (DSDV) [7], Wireless
Routing Protocol (WRP) [8], Source-Tree Adaptive Routing (STAR) [9], (Optimized
Link State Routing) OLSR [10]. The main benefit of proactive routing protocols is that
they have less routing delay since each node has the path to any destination. However,
they need to update the routes periodically, thus they have the worse performance in
terms of overhead to keep up with the topology changing when the network is mobile.
For on-demand routing, the routing path is established by a routing discovery process
initiated by the source only when it needs to communicate with the destination. Generally
on-demand routing has two processes: route discovery and route maintenance. When the
source doesn’t know the path to the destination, it will initiate a routing request and
broadcast to its neighbors, and then each intermediate node will forward the request till
12
reach the destination. The destination then generates a response packet and sends it back
to the source. Route maintenance is mainly used to check the link or path availability. If a
link is broken, it will initiate a new route discovery or inform the source. The typical
reactive routings include Dynamical Source Routing (DSR) [11], Ad-hoc On-demand
Distance Vector (AODV) [12], Temporally-Ordered Routing Algorithm (TORA) [13],
Location-Aided Routing protocol (LAR) [14], Associativity-Based Routing (ABR) [15],
Signal Stability based Adaptive routing (SSA) [16]. Compared to proactive routing, on-
demand routing does not need to periodically update the routing table, thus effectively
lower the overhead when node moves in considerable speed. However, both schemes do
not address the problem of scalability.
2.1.1.2 Multi-Path Routing
In MANET, a path is easily broken due to node mobility, thus multi-path routing is useful
since it provides alternate paths to a destination. Multi-path routing can also provide load-
balance and fault-tolerance.
Split Multi-path Routing (SMR) [ 17 ] is an on-demand routing protocol that
constructs maximally disjoint paths. SMR is based on DSR but uses a different packet
forwarding mechanism. While DSR discards duplicate routing request (RREQ), SMR
allows intermediate nodes to forward certain duplicate RREQ in order to find more
disjoint paths. In SMR, intermediate nodes forward the duplicate RREQ that traversed
through a different incoming link other than the link from which the first RREQ is
received, and whose hop count is not larger than that of the first received RREQ. Multi-
path Source Routing (MSR) [18] is another extension of DSR, which uses the same
13
routing discovery scheme as DSR, but replies multiple paths to the source. MSR can
guarantee node disjoint path, however, the path might not be optimal; SMR can achieve
better result since it collects more path information, but it costs higher overhead.
Ad hoc On-demand Multi-path Distance Vector (AOMDV) [19] is an extension to
the AODV protocol for computing multiple loop-free and link-disjoint paths. AOMDV
augments the basic AODV route discovery procedure in two ways [19]. First, alternate
loop-free reverse paths are formed at intermediate nodes and the destination by using the
routing information obtained via duplicate route request copies. Second, the destination
generates multiple route replies. These replies travel along multiple loop-free reverse
paths to the source established during the route request propagation phase to yield
multiple loop-free forward paths to the destination. Ad hoc On-demand Distance Vector
Multi-path Routing (AODVM) [20] is another extension to AODV for finding multiple
node disjoint paths, which also records duplicated RREQ, but requires that intermediate
nodes be not allowed to send a route reply directly to the source. Compare with AOMDV,
AODVM can obtain node disjoint paths.
However, all of the above schemes (SMR, MSR, AOMDV and AODVM) do not
consider the issues of scalability, power control, QoS or security.
2.1.2 Hierarchical Routing
In Hierarchical routing, nodes aggregate into one cluster based on physical location; and
a cluster head is elected or designated for cluster management. Gateway nodes are
sometimes needed for communication between clusters.
14
There are many hierarchical routing schemes in the literature, e.g. Zone Routing
Protocol (ZRP) [21], Cluster-Head Gateway Switch Routing (CGSR) [22]. In ZRP, each
node is the center (or cluster head) of its zone or cluster, which is formed based on the
distance of neighbor. Inside the zone, ZRP adopts proactive routing scheme, while
outside the zone, it uses reactive routing scheme. Since the zones are fully overlapped,
the choosing of zone size is the key issue to control overhead. CGSR is a table-driven
proactive routing which assumes that node is one hop distance to cluster head in each
cluster. Each node will maintain a table to the cluster which includes the destination
node. The routing between two nodes will first go to source cluster head, then to gateway,
then to intermediate cluster head and gateway, finally to destination cluster head. Since
cluster head needs to participate in all routing processes, it is exposed to heavy traffic and
packet collisions, and may run out of battery. Cluster Based Routing Protocol (CBRP)
[23] is similar with CGSR, but CBRP is a reactive source routing protocol. Hierarchical
State Routing (HSR) and Fisheye State Routing (FSR) [24] are both link state based
routing protocol with hierarchical structure. HSR maintains a hierarchical topology based
on physical location or logical relation so as to reduce the storage of link state, however,
the overhead involved in exchanging packets containing hierarchical level or head
election is very high. In FSR, the updated link status is only exchanged between the
neighbors or multihop neighbors, but not in the whole network. This scheme can highly
reduce the routing overhead. However, choosing a neighbor will significantly influence
the performance of FSR at different mobility values.
The main benefit of Hierarchical routing (cluster-based routing) is that it can reduce
the size of the nodes attending the routing process. Consequently, it can reduce routing
15
overhead and improve the channel utilization. However, the maintenance of cluster such
as cluster head election, cluster member management, is a very complex problem.
Furthermore, it would be a better choice if it consider the power control.
2.1.3 Power-Aware and QoS Routing
In MANET, power consumption is a serious issue. Power-aware routing is based on
power related metrics so as to enhance the lifetime of nodes, or to balance the node
energy in the network. Many metrics are introduced to improve the energy efficiency
such as in [25, 26, 27]. Minimal energy consumption per packet [25] aims at minimizing
the average energy consumption for a packet. However, it cannot balance the load of the
network, and to measure the energy use in advance of data transmission is not meaningful.
Battery cost aware routing [26] is based on the node battery consumption, which is to
select nodes that have high remaining power such as minimum battery cost routing, Min-
Max battery cost routing [26]. Moreover, some variances which combine both node
transmitting power and remaining battery are also proposed, including Conditional Max-
Min battery capacity routing [26] and Power-aware Source Routing [27]. Battery related
routing can better balance the usage of node and enhance the lifetime of node and
network. In [28], a distributed power control is employed to minimize the total power
consumption given the delay constraint, interference constraint and some other system
constraints. However, this work is not on routing procedure, since it assumes that the path
is already built.
Currently, most power control routing schemes on cluster based architecture focus
on how to form cluster. In CLUSTERPOW [29], each node associates to different level
16
clusters by adjusting its transmission power. In Low-Energy Adaptive Clustering
Hierarchy (LEACH) [30] scheme, the idea is to form clusters of the sensor nodes based
on the received signal strength and use local cluster heads as routers to the sink. In [31], it
forms cluster based on throughput and power. In addition, multihop cluster can be formed
based on power control [32], in which, multiple metrics are considered such as energy
consumption, energy stock, communication cost and delay. The intra-cluster routing is
based on the combination of these metrics. All those works do not consider the channel
interference, which is one of the main factors that affects the power consumption and
data rate; additionally they ignore the effect of mobility.
QoS routing is desirable by many applications. However, “hard QoS”, the guarantee
of QoS at any time, is very difficult to support in MANET because of node mobility, lack
of central control and the constantly changing wireless channels [ 33 , 34 ]. Many
applications do not require “hard QoS” and accept “soft QoS” [35], thus, the guarantee of
“average QoS” is an acceptable measure of performance. For example, many multimedia
applications accept “soft QoS” and use rate adaptive schemes to mitigate disruptions [35].
Disjoint multi-path routing (node-disjoint or link disjoint), is one of the main ways to
guarantee QoS requirement. There are two ways of using the multiple paths to send data.
The first approach is to send data along multiple paths simultaneously to achieve
diversity. For example, the same data packets are sent along multiple paths [36]; or
different sub-packets are sent using diversity coding [37, 38]. The second approach is to
send data through only one path, while using the other paths as backup. This can provide
better bandwidth utilization.
17
2.1.4 Secure Routing
Secure routing attracts more and more attentions in MANET. It can be classified as
secure routing aimed at data security, integrity and non-repudiation, or anonymous
routing focusing on node privacy.
Many secure routings schemes have been proposed in both uniform and cluster based
topology. Secure Efficient Ad hoc Distance Vector Routing protocol (SEAD) is DSDV-
based protocol [39], which use one way hash chain as the key to authenticate message.
Ariadne [40] is a source routing which adopts “Timed Efficient Stream loss-tolerant
Authentication” (TESLA) to authenticate node and per-hop hash to protect data integrity.
Secure Routing Protocol (SRP) [41] is also a source routing which uses the shared secure
association between source and destination to authenticate message. However, SRP
cannot authenticate the intermediate node. Authenticated Routing for Ad hoc Networks
(ARAN) [42] is a certificate based source routing protocol, which adopts “Rivest, Shamir,
and Adleman” (RSA) techniques to guarantee data integrity, authentication and security.
Secure Ad hoc On-Demand Distance Vector (SAODV) [ 43 ] is also Public Key
Infrastructure (PKI) based protocol, but it is a variance of AODV. However, the
computation complexity and time consumption of asymmetric key is higher compared to
symmetric key techniques. Cluster-based secure routing is more complex since it
involves authentication among cluster heads, between cluster head and its member.
Certificate is generally used in the authentication between cluster head and member,
while cluster heads are authenticated by shared key or certificate [44, 45, 46, 47]. To
protect the security key of cluster head, the (n, k) threshold scheme [48] is adopted to
backup the private key of cluster head. However, some problems are incurred such as
18
dynamical cluster augment, key issue and key update of cluster head, cluster head
election.
Secure anonymous routing is one of the primary countermeasures to various attacks
on the routing traffic. It has been studied intensively in wired networks. The concept of
“mix” is proposed in [49], and was employed in various anonymous communications
proposals for the Internet, such as P5 [50]. A similar but different concept, “crowd”, is
introduced in [51] for Internet web transactions. However, they can’t directly apply in
MANET. In [52], a protocol is proposed to allow trustworthy intermediate nodes to
participate in the path construction protocol without jeopardizing the anonymity of the
communicating nodes. Anonymous On-demand Routing (ANODR) [53] is based on
“broadcast with trapdoor information”, in which a cryptographic onion [54] is used for
route pseudonym establishment. ASR (Anonymous Secure Routing) [ 55 ] adopts a
temporary public key to represent a node during a routing request, which is used to
encrypt the pseudo in routing response. A more recent work [56] proposed an anonymous
on-demand routing protocol, termed MASK, and based on a new cryptographic concept
called pairing. MASK fulfills the routing and packet forwarding tasks without disclosing
the identities of participating nodes under a rather strong adversarial model. However, so
far no work is talking about anonymity in cluster based wireless network. [57] presents a
scheme to ensure secure communication and to provide anonymity and location privacy
in hybrid ad hoc networks; however, this proposal can only be effectively used for
networks with fixed and powerful access points and all traffics should go through the
access points.
19
2.2 Problems of Current Research Efforts
Although there are so many routing schemes having been proposed, it is still an open
problem to achieve “Secure and Power Efficient Multi-hop Connectivity with QoS
assurance and bandwidth efficiency”.
Soft QoS assurance in MANET can be achieved by disjoint multi-path routing and
power control schemes [36, 37, 38]. The basic idea of these works is to achieve
transmission reliability by sending redundant data. However, those schemes will take
much bandwidth, while bandwidth efficiency is an important issue in MANET.
In wireless communication, the link quality (link rate or error rate) is proportional to
the transmission power and the inverse proportional to distance. Thus link needs higher
power for further distance. Therefore the basic idea for power efficient routing is to
choose the links based on power related routing metrics so as to minimize the power
consumption and battery usage, but maintain the link quality. In [25, 26, 27], power
related metrics are addressed to achieve energy efficiency and also improve energy
balance. However, most research efforts have not considered the link interference;
therefore the path quality cannot be guaranteed.
Since the transmission rate (QoS assurance) correlates to link transmission power, it
is reasonable to design routing protocol by considering power control and QoS together.
Kong and co-workers [58] also talk about a similar scheme; however, their scheme is
based on single path. In this dissertation, the minimal transmission rate is guaranteed by
defining the minimal transmission power under the condition of channel interference.
Thus the energy efficiency and power balance are achieved by choosing routing metrics
related to the minimal power and node battery. Disjoint multi-path is adopted to improve
20
the reliability and satisfy the QoS requirement. However, to improve the bandwidth
efficiency, no redundancy data is transmitted: at each time, only one path is used for data
transmission; another path is used for backup.
Anonymity is an important issue especially for military applications, since it is
dangerous if an enemy knows the real identities of sender and receiver. The basic idea for
anonymity is to protect the node identity, hide the relationship between source and
destination. Although many schemes are introduced for anonymous routing, anonymity
in cluster based MANET is still an important topic due to the requirements of both
scalability and security. Liu and co-workers [59] discuss the hierarchical anonymity;
however, their method divulges the cluster head since inter-cluster routing is through
cluster heads. Cluster head plays an important role in cluster based MANET, thus it is
necessary to guarantee its anonymity.
21
CHAPTER 3
CLUSTER BASED ARCHITECTURE FOR MANET
The cluster based architecture adopted in this dissertation has been proposed initially by
Vaman based on distributed management [6]. The network is composed by two
components: cluster head, node (member). Each cluster head is responsible for the
distributed network management. Although gateway is not defined here, any node can
function as a gateway. This architecture is a two-layer network structure. Each cluster
forms a lower layer network; all cluster heads constitute the higher layer network. The
basic advantages of this architecture are:
• Only the cluster head and the designated backup cluster head of each domain will
be configured with a public IP address, while all other radios will have inter-
changeable private IP address configuration. It is very consistent with the current
Internet architecture and therefore this network is supported with seamless IP
transport system within the COTS standards.
• This architecture is based on cluster head management system and therefore is
distributed. The amount of bandwidth for management and control is very small
as the management information is not globally exchanged.
• By provisioning two layer networking, it is feasible to deploy a greater coverage
based network for cluster heads and low power network within the domain. This
22
would facilitate high-speed and real time application service provisioning end-to-
end.
• The delays encountered in managing and controlling the network are very small
and therefore the network can be configured to assure provisioning of multi-
service applications with Quality of Service assurance.
3.1 Basic Assumption and Requirement
It is assumed that network links are bidirectional; that is, if node A is able to transmit to
some node B, then B is able to transmit to A. This assumption is reasonable since many
wireless Medium Access Control protocols require bidirectional links. For physical layer,
it can support TD/CDMA or 802.11 [60].
Each node has limited resource of battery life and computational power. Therefore,
power control is essential to maximize the service provisioning. Accessory equipment
such as GPS is not necessary. Cluster head could be resource-rich, or just a normal node.
In the network, each node can move with moderate speed, which means it is not so fast
that the routing is meaningful. Within the cluster, each node can move randomly and can
be modeled with any mobility model such as Random Way Point [11]; however, all
nodes within the cluster can be assumed to be a homogenous set of nodes with the same
moving pattern.
The network is required to support multi-service applications. Therefore, the network
can support desired data traffic flow (low to high), and the link should satisfy low loss
ratio, high throughput and small delay.
23
3.2 Cluster Structure
3.2.1 Network Components
There are two components in this architecture: cluster head and node (normal cluster
member).
Cluster head can be designated initially or elected by cluster member, and it can also
be re-elected. Each cluster has only one cluster head; it is also possible to have a backup
cluster head. Cluster head aims at managing local cluster and collaborating with other
cluster heads. Only cluster head can be assigned a public IP address or identity. Cluster
head will also keep many tables for specific applications. For routing process, cluster
head might have the table about the connection and ID for its cluster member. For
security consideration, cluster head might share some secure associations with other
nodes [2].
Any node in a cluster is assigned only private IP address or identity. Therefore, if a
node wants to join a cluster, it needs to request network address from cluster head. The
node could be elected to be a cluster head. Node can store cluster information as a backup.
For example, they can use (n, k) threshold scheme to keep the cluster private key [48].
In mobile wireless network, the gateway with strict definition is not practical.
Because node will keep moving, gateway might easily move to other region, so that it
cannot function well. The management for gateway switch is complicated and requires
high bandwidth cost. In this architecture, no fixed gateway exists but only dynamic
gateway is addressed. In this architecture, we define the node lying in the overlapping
area between clusters as a gateway. It can forward inter-cluster packet to its neighbor
24
cluster. If the node moves out from overlapping area, it will automatically lose the
gateway function.
3.2.2 Network Topology
The network has two layers: intra-cluster and inter-cluster.
There are two possible types of connection supported for intra-cluster system.
• Each node can reach other nodes by directly radio broadcasting as in Fig. 3.1(a).
• Each node can communicate with others by multi-hop connection as in Fig. 3.1(b).
Since the transmitting power is strongly related to the distance, multihop can
reduce the total energy consumption in some occasions.
Fig. 3.1 Intra-cluster Communication
25
Inter-cluster connection is affected by the capacity of cluster head. Powerful cluster head
can directly communicate with other cluster heads; therefore inter-cluster communication
can be forwarded through cluster heads. However, if the cluster head has the similar
resource to normal node or if the cluster head is not present, inter-cluster communication
should go through gateways by multihop. Here gateways are those nodes in the area
overlapped by multiple clusters. In addition, if a node moves to an area which doesn’t
belong to any cluster, it will try to reach the nearest node and request management
information to the nearest cluster head by multihop connectivity. Therefore, there exist
three possible connections.
• Case I: Fig. 3.2(a) is for the model with powerful cluster head. Any inter-cluster
communication should go through cluster head.
• Case II: Fig. 3.2 (b) is for the model with general cluster head. Inter-cluster
communication has to go by multihop.
• Case III: Fig. 3.2 (c) is for the condition that node moves out of cluster.
26
Fig. 3.2 Inter-cluster Communication
(a) transmit through cluster heads
(b) transmit through gateway
(c) node out of range
Cluster node
Cluster head
27
CHAPTER 4
POWER AWARE QOS MULTI-PATH ROUTING
In this chapter, a power aware QoS multi-path routing which combines “power control”
and “QoS assurance” is developed for routing data traffic with minimum rate constraint
while maintaining high energy efficiency and prolonged network lifetime [61, 62].
Furthermore, in order to provide reliable end-to-end data delivery, the joint power control
and maximally disjoint routing scheme is augmented by a dynamic traffic switching
mechanism to mitigate the effect of node mobility or node failure. Thus this routing
protocol has the following features:
• Guarantee QoS requirement (minimum data rate) with bandwidth efficiency
• Achieve energy efficiency and energy balance
• Improve reliability
• Satisfy scalability
Compared to the current research efforts, the unique features of this protocol are:
• Realistic Interference Model - Power control and maximally disjoint multi-path
routing is proposed using the realistic interference model rather than the
simplified interference model (where interference is not considered). In fact, the
jointing of power control and multi-path routing becomes much tougher when
interference is taken into account.
28
• Bandwidth Efficiency - Data is only sent along the primary path rather than sent
simultaneously along all the multiple paths, thus achieving high bandwidth
efficiency.
• Reliability - A dynamical traffic monitoring and switching mechanism is
proposed to provide reliability against node mobility and link failures.
• Scalability - A piece-wise disjoint multi-path scheme is addressed for inter-cluster
routing so as to achieve scalability.
4.1 Power Control Framework and Power Control Connectivity
In wireless networks, a feasible link between two nodes depends on many physical layer
parameters, such as the transmission power, modulation and coding scheme. As a result,
power controlled connectivity is defined as follows: Given the modulation and coding
scheme and the desired throughput, a link between two nodes exists when the
corresponding target Signal-to-Interference-Ratio (SIR) is achievable. In other words, the
transmission power to achieve the target SIR should be below the maximum allowable
transmission power. We also define power controlled connectivity graph as the feasible
set of links that may accommodate the traffic flow with desired data rate Rtar
. In order to
obtain the power controlled connectivity graph given Rtar
, a power control framework is
introduced.
29
4.1.1 Power Control Framework
The objective of power control is to minimize the total energy consumption, or
equivalently, maximize the energy efficiency, and at the same time, guarantee certain
level of QoS if feasible. Assuming that there are N transmitter-receiver pairs (active links)
in the network using the same channel, the power control problem can be formulated as
follows
,min∑i
ip
pi
i = 1, 2, … , N. (4-1)
subject to the constraints
,tar
ii γγ ≥ i = 1, 2, … , N. (4-2)
,0 max
ii pp ≤≤ i = 1, 2, … , N. (4-3)
Where γi is the actual received SIR at receiver i, tar
iγ is the target SIR of the ith
active link,
ip is the transmission power of transmitter i, max
ip is the maximum power allowed for
transmitter i. The received SIR at receiver i is given by
∑ ≠+
=
ij jij
iii
iph
pLh2
σγ (4-4)
Where hii is the link gain from transmitter i to its designated receiver. ijh is the link gain
from transmitter j to receiver i. ip and jp are the transmission power of transmitters i
and j, respectively. σ2 is the background noise. L is the spreading gain for spread
spectrum systems. For example, a typical value of spreading gain L = 64 or 128 in
CDMA systems. The general interference model adopted here assumes that each
transmitting node in the network causes interference at any receiving nodes, even if they
are far apart [63]. This model is considered more realistic than the one which assumes
30
that transmitting nodes only cause interference to their neighbors. This is because the
aggregate interference from a large number of nodes may not be negligible even if
interference from each one of them is small.
Given traffic flow with desired data rate, tarR , the corresponding target SIR can be
expressed as
,12 −= Wi
R
tar
i
tar
γ i = 1, 2, …, N. (4-5)
Where Wi is the bandwidth occupied by the transmission from the ith
transmitter to its
designated receiver. Note that Equation (4-5) (derived from the Shannon capacity
formula) uses the achievable rate (upper bound) of the AWGN channel. However, it is
justified by the fact that with the current modulation and coding technology it can be
closely approximated in most practical scenarios [64].
4.1.2 Centralized Solution
The following theorem gives the feasibility condition of the formulated power control
problem formulated in Equation (4-1).
Theorem 1: A target SIR vector ϒtar
is achievable for all simultaneous transmitting-
receiving pairs in any time slot as long as the feasibility condition is met, i.e., the matrix
][ ZI tarΓ− is non-singular (thus invertible), where matrix tar
Γ is a diagonal matrix
=
≠=Γ
ji
jitar
itar
ij0
γ (4-6)
and matrix Z is the following nonnegative matrix
31
=
≠=
ji
jiLh
h
Zii
ij
ij
0
(4-7)
Proof of this theorem can be found in Appendix A. In the case of a CDMA network,
since the processing gain L is a large positive number, the power control problem is
usually feasible because the matrix ][ ZI tarΓ− is a diagonally dominant matrix (see
p.151 Definition 6.2 in [65]). The spectral radius of ZtarΓ is less than 1 (see p.151 of [65])
in this case.
The above theorem provides a centralized solution to the power control problem (4-
1). Given the desired throughput, maximum allowable power and bandwidth for each
active link i (Rtar
, max
ip and Wi), it is straightforward to calculate the optimal power
vector using equation
uZIp tar 1* ][ −Γ−= (4-8)
A N × N link gain matrix H may be formed where hij is the link gain from the jth
transmitter to the ith
receiver. Note that H is always a square matrix where the column is
indexed by transmitter and the row is indexed by the corresponding receiver.
4.1.3 Distributed Schemes
The centralized solution needs a central controller and global information of all the link
gains. However, it is very difficult to obtain the knowledge of all the link gains in an
infrastructure-less wireless ad hoc network and it is usually impractical to implement a
centralized solution. Also, even if centralized scheme were to be implemented, the
amount of signaling overhead increases significantly. Therefore, a distributed
32
implementation is suggested for realistic scenarios. Distributed power control schemes
may be derived by applying iterative algorithms to solve Equation (4-8). For example,
using the first-order Jacobian iterations [65], the following distributed power control
scheme is obtained
Nipkpk
kp ii
i
tar
i
i ,...,2,1, ),()(
min)1( max=
=+γ
γ (4-9)
Note that each node only needs to know its own received SIR at its designated
receiver to update its transmission power. This is available by feedback from the
receiving node through a control channel. As a result, the algorithm is fully distributed.
Convergence properties of this algorithm were studied by Yates [66]. An interference
function I(p) is standard if it satisfies three conditions: positivity, monotonicity and
scalability. It is proven by Yates [66] that the standard iterative algorithm p(k + 1)
=I(p(k)) will converge to a unique equilibrium that corresponds to the minimum use of
power. The distributed power control scheme, represented by Equation (4-9), is a special
case of the standard iterative algorithm.
Since the Jacobi iteration is a fixed-point iterative method, it usually has slow
convergence speed to the sought solution. However, the power control algorithm
represented by Equation (4-9) was selected in our proposed power aware maximally
disjoint routing due to its simplicity. The complete procedures of obtaining power
controlled connectivity graph using a distributed algorithm is highlighted in Fig. 4.1. The
success of concurrent transmissions within each channel is guaranteed by power control.
However, a scheduler may be needed to avoid the primary conflict where a node
transmits and receives simultaneously using the same channel. The scheduling algorithms
may be designed in either centralized or distributed manner [67].
33
ipi ∀),0(
tar
iγ
)(kiγ
)(*)()1(
kkpkp
i
tar
iii
γ
γ=+
Fig. 4.1 Distributed Algorithm for Power Controlled Connectivity Graph
4.2 Power Aware QoS Multi-path Routing
In a mobile wireless ad hoc network, node failures (due to energy loss) and link failures
(due to node mobility, channel fluctuation) are common and present a great challenge to
reliable data delivery. The proposed power aware maximally disjoint routing is based on
34
providing fault tolerant disjoint multi-path technique to mitigate the effect of constantly
changing network topologies and wireless channels.
There are two types of disjoint paths, namely, node-disjoint paths and link-disjoint
paths. Node-disjoint paths are also link disjoint, but not vice versa. An example is
illustrated in Fig. 4.2. Paths R1 and R3 are node-disjoint paths (hence link-disjoint as
well) since they do not share any node (except the source node A and the destination
node L). On the other hand, paths R2 and R3 are link-disjoint paths because they have no
common links. However, they are not node-disjoint. In this paper, only node-disjoint
paths are considered since they are more fault-tolerant than link-disjoint paths. There are
two ways of using the multiple paths to send data. The first approach is to send data along
multiple paths simultaneously to achieve diversity. The second approach is to send data
through only one path, while using the other paths as backup. Although the second
approach is widely used in wired networks such as in optical networks, it has not been
considered for mobile wireless ad hoc network in the literature according to author’ s best
knowledge. The argument has been the duplicity of bandwidth and therefore for
bandwidth-starved wireless networks, this is a critical problem.
Fig. 4.2 Node-Disjoint vs. Link-Disjoint Paths
35
The second method is used in our solution, and the bandwidth is not reserved on the
backup path. The sender keeps track of the bandwidth availability and maintains the
backup path. When the primary path has failed and is not available, the backup path
bandwidth is used. Therefore, for each user application, the required bandwidth is always
the same and not duplicated. This solution has the following advantages:
• There is no complicated diversity coding scheme required. Thus, there is no
excessive delay induced by waiting for sub-packets from the slow path to arrive
before a packet can be successfully decoded.
• Different traffic flows, whether they have the same “source and destination pair”
or not, may share the links in their respective backup paths. It results in a much
better bandwidth utilization compared to the first approach.
• The packet re-ordering at the destination node during the transient phase (due to
traffic shift) is much less frequent than the sub-packet re-ordering needed
constantly in the first approach.
The disadvantage of the second approach is the fact that the traffic may shift back and
forth if node mobility is changing much faster (orders of magnitude) than the duration of
the traffic sessions. A hysteretic rule for traffic shifting to mitigate this effect is being
proposed in Section 4.1.3. Moreover, we should emphasize that the time constant of the
mobility is on the same order or less of the duration of the traffic sessions considered in
this paper.
The routing algorithm similar to SMR [17] is used to obtain two maximally disjoint
paths. However, it uses different routing metrics which are related to power and energy.
The routing metrics include:
36
• Minimum Power Split Multi-path Routing (MPSMR), which expresses as
Equation (4-1). In MPSMR, the transmission power is used as the link metric
instead of the hop count. Each RREQ has a field that records the total
transmission power along a path and keeps updating the field while traversing
through the network. The intermediate nodes forward the duplicate RREQ whose
total power is not larger than that of the first received RREQ. The destination will
choose the path with the least total transmission power and a maximally disjoint
backup path.
• Balanced Energy Split Multi-path Routing (BESMR), which expresses as
,min∑i i
i
E
p
i
i = 1, 2, … , N. (4-10)
Where, pi and Ei are the transmission power and the remaining energy of node i,
respectively. Instead of considering only the transmission power, the metric pi/Ei
is proposed to balance the energy efficiency and fairness among nodes. BESMR
selects the route that minimizes Σ( pi/ Ei). It considers the tradeoff between the
transmission power and the remaining energy of the node; thus maximizing the
network’s lifetime. Note that BESMR also reduces network congestions because
the traffic will be distributed more evenly across the network, rather than
aggregated among a small set of nodes where transmission power is low.
The routing procedure is listed below:
1) The transmission powers of all links are initialized to the minimum power
specified by the standard. An initial two maximally disjoint paths are calculated
using ∑ ip (for MPSMR) or ∑ ii Ep (for BESMR) as the routing metric.
37
2) Two new maximally disjoint paths are calculated using ∑ ip (for MPSMR) or
∑ ii Ep (for BESMR) as the routing metric.
3) If the routing metric of the two new paths are less than that of the previous two
paths, then update the transmission powers along these two new paths. Go to step
2. Otherwise, select the two disjoint paths found in the previous iteration, and
done.
The above iterative algorithm is illustrated in Fig. 4.3. Note that the proposed iterative
algorithm is also valuable for call admission control. If the power control problem
becomes infeasible due to a new traffic session, it will be rejected.
38
Fig. 4.3 An Iterative Algorithm for Joint Power Control and Maximally Disjoint
Routing
4.3 Dynamic Traffic Switching
The joint power control and routing scheme will be applied before each traffic session
starts. In order to guarantee the required data throughput with high probability during the
entire session of the traffic flow, an on-line dynamic traffic restoration scheme is
indispensable for dealing with node mobility or node failure. In this dissertation, only
39
“soft QoS” is supported. In other words, there may be short transient period where QoS
requirements are not guaranteed due to broken path or reduced capacity. However, the
QoS requirements will be ensured when the path is not broken or after the session is
switched to a new path. Note that many multimedia applications accept soft QoS and use
rate adaptive schemes to mitigate disruptions [68].
There are several phases in the proposed dynamic traffic switching (restoration)
scheme (Fig. 4.4):
1) Initialization phase: Given the topology of a wireless ad hoc network, MPSMR
or BESMR is used to find two maximally disjoint paths from the source to the
destination such that the corresponding power control problem is feasible.
2) Monitoring phase: The source node saves the two paths in its routing table and
starts to send packets through the primary path. At the same time, the source also
periodically sends small amount of probe packets to monitor for both paths. At
each time slot, the source will estimate the data rate based on current rate
(transient rate) and the estimated rate (average rate). The expression for data rate
estimation is as
)()()1()1( kRkRkR curαα +−=+
−−
(4-11)
)(kR−
and )(kRcur are the estimated average data rate and the rate at slot “k”
respectively, α is the weight between (0,1).
3) Path switching (transient) phase: The source node monitors the throughput,
delay and loss of both two paths. If the throughput is below a threshold 1
thR , the
node shifts the data traffic from the current path to the backup path. At the same
40
time, it starts a new routing request (RREQ) using MPSMR or BESMR, and
stores the newly found paths in the routing table as the new backup paths.
4) Convergence phase: If the throughput of the original path improves and
increases beyond a threshold 2
thR , the node will shift the data traffic from the
current path back to the original path.
Fig. 4.4 Software Agent for Traffic Monitoring and Switching
41
4.4 Performance Evaluation
The performance of the proposed joint power control and maximally disjoint routing is
evaluated through discrete-event simulations using OPNET. The dynamic traffic
switching scheme is also tested.
4.4.1 Simulation Setup
In this simulation study, it is assumed that there are fixed number (M = 50) of nodes
located in a square area (300 meters x 300 meters). The locations of the nodes are
uniformly distributed within the area. The other parameters include:
1) The required throughput, tar
iR = 250 kbps for all the traffic sessions.
2) The bandwidth shared by all links is 1.25 MHz.
3) The link gains are assumed to be only function of distance, i.e., α
ijij dh 1= ,
where α = 4. No fading is considered here.
4) The maximum allowable transmission power maxp is 200 mW.
5) The background noise σ2 = 10
−7.
In addition, all the nodes are assumed stationary or have negligible mobility during the
entire routing process such that routing and QoS provisioning is meaningful. However,
nodes may move dramatically during traffic sessions (data forwarding).
42
4.4.2 Maximally Disjoint Routing With Different Interference Model
In this part of the simulations, source and destination are randomly chosen and the
MPSMR algorithm is used to find two maximally disjoint paths with low energy
expenditure. Three cases are examined with different interference model:
1) The simplified interference model (the best case);
2) The general interference model including all links (the worst case);
3) The general interference model including only the links within the two maximally
disjoint paths.
In order to compare joint power control and routing schemes with different interference
models, the following performance criteria are selected:
1) Average success probability (psucc);
2) Energy per-bit (Eb)
The first criterion (psucc) focuses on the average traffic carrying capability of the network,
while the second criterion (Eb) quantifies the energy efficiency of the proposed schemes.
The simulation results are averaged over 100 routing attempts and are summarized in
Table 4-1. It is clear that routing with the simplified interference model gives the best
success probability and energy efficiency as expected. In addition, simplified interference
model has low computational complexity because it does not need complicated matrix
calculation; whereas, the general interference mode is computational complex because it
needs to calculate the inverse of matrix so as to obtain the target power. However,
simplified interference model is too optimistic because it ignores all the interferences. If
all links (whether have data to transmit or not) are all included in the interference model,
we get the worst performance due to unnecessary conservativeness. However, it may be
43
useful when the network is heavily loaded. The performance of the proposed method is
somewhere in between and reflects the realistic situations.
Table 4-1 Comparisons of Routing Schemes with Different Models
Case Psucc E (in x 10-6
Joule/bit) Computational Complexity
1 0.99 0.12 Low
2 0.13 0.18 High
3 0.75 0.14 High
4.4.3 Comparison of SMR, MPSMR, BESMR
The performances of SMR, MPSMR and BESMR are compared in terms of energy
efficiency and network lifetime. The network lifetime is defined as the time of the first
node failure (because of running out of energy). It is assumed that all nodes have the
same initial energy at the start of the simulation. The source and destination of each
traffic session are randomly chosen. The duration of the traffic sessions is assumed to be
exponentially distributed with mean equal to 1 minute. Energy efficiency is measured by
the Cumulative Distribution Function (CDF) of the remaining energy at each node after
the shortest lifetime of the three routing algorithms.
Fig. 4.5 depicts the CDF of the remaining energy at each node after the lifetime of
SMR (which is the shortest among the three). It indicated that both MPSMR and BESMR
have better energy efficiency than SMR (by about 15%). All nodes have more than 40%
energy left using BESMR which indicate that BESMR has balanced energy usage among
nodes. There are about 8% of the nodes that are heavily used (have less than 40% energy
left) when MPSMR is applied.
44
The network lifetime using SMR, MPSMR and BESMR are shown in Fig. 4.6 for
networks with 25, 50 and 100 nodes, respectively. It is clear that BESMR has the longest
network lifetime because of its fairness to all nodes. A closer look at the standard
deviation of the remaining energy at each node along time (Fig. 4.7) explains that
BESMR tends to balance the energy consumption among all nodes thus has the smallest
standard deviation, and hence the longest network lifetime.
Fig. 4.5 Cumulative Distribution Function (CDF) of the Remaining Energy at Each
Node
46
Fig. 4.7 Standard Deviation of the Remaining Energy at Each Node (50 nodes)
4.4.4 Dynamic Traffic Switching
The proposed dynamic traffic switching scheme is tested by letting a randomly selected
node (other than the source and destination) on the primary path leave the area (thus
breaking the primary path) during the process of data transmission. The threshold 1
thR is
set to 80%. Fig. 4.8 shows the performance of the proposed traffic switching scheme
when the primary path (Route #1) is broken due to node mobility. When the throughput
of the primary path (Route #1) drops below 80% of the desired throughput, the traffic
will be switched to the backup path (Route #2). The corresponding end-to-end delay and
47
bit error rate (BER) are also shown. We assume that only one node moves in this
simulation.
Fig. 4.8 Performance Index (throughput, delay and BER) during Traffic Switching
due to Node Mobility
In actual implementation of this algorithm, the switching usually occurs much earlier
compared to that of Fig. 4.8 in order to control BER and achieve the desired QoS. Figure
48
4.8 illustrates the impact of different parameters by choosing the switching later than
what should be implemented.
4.4.5 Effect of Node Mobility
In this part of the simulation, it is assumed that all nodes in the network are mobile and
they move according to the following “random waypoint” mobility model [11]: At the
beginning of each time interval, each node decides to move with probability 0 ≤ q ≤ 1. If
a node decides to move, it will choose a random destination and a speed vector will be
sampled from a uniformly distributed random variable v ∼ [vmin
, vmax
], where v is the
value of the speed. vmin
= 0.3 meter/sec and vmax
= 0.7 meter/sec are the lower and upper
bound of the speed, respectively.
The average number of re-routings and the average number of “effective neighbors”
vs. node mobility (q) are shown in Fig. 4.9. The results are averaged over 100 traffic
sessions. The source and destination of each traffic session are randomly chosen. The
duration of each traffic session is assumed to be exponentially distributed with mean
equal to 1 minute. Here node B is called a “effective neighbor” of node A if they are
neighbors and the supported data rate between A and B is above the target data rate.
49
Fig. 4.9 Average Number of Re-routing and Average Number of Neighbors vs. Node
Mobility
It can be observed that the number of re-routings increases with the required data
rate, as expected. The number of rerouting increases with q from 0 to 0.3; however, it
almost remains constant after that for low-to-moderate required data rate. This can be
explained by the average number of “effective neighbors” shown in the same figure. The
50
average number of “effective neighbors” drops with q; however, there are still enough
“effective neighbors” for low-to-moderate required data rate. For example, there are 6
“effective neighbors” on average when Rtar
= 250 kbps even when all nodes are
constantly moving (q = 1). There are less “effective neighbors” on average for high
required data rate (Rtar
= 500 kbps). The average number of neighbors drops to only 3
when all nodes are constantly moving (q = 1). The above simulation results are critical
for network operators to set call admission control policies. Based on the estimated node
mobility, traffic session duration and QoS requirements, the average number of re-routing
can be estimated. Thus, the cost of supporting the traffic session with QoS can be
calculated and call admission control decision can be made accordingly.
4.4.6 Overhead and Scalability Analysis
In this part of the simulation, the proposed joint power control and routing plus traffic
switching scheme are tested in a realistic environment. A similar setup as in Section 4.4.1
is used with the following changes:
1) There are 80 nodes in a constrained area of 450m × 450m.
2) The simulation time is 10 minutes.
3) It is assumed that the link gains have the following form
)()()()( 4kBkAkdkh ijijijij
−= (4-12)
where )(kd ij is the distance from the thj transmitter to the thi receiver at time
instant k, ijA is a log-normal distributed stochastic process (shadowing). ijB is a
fast fading factor (Rayleigh distributed).
51
4) It is assumed that the standard deviation of ijA is 8 dB [69].
5) It is assumed that the Doppler frequency is from 8 Hz (for pedestrian mobile users)
to 80 Hz (for mobile users at vehicle speed) [69].
6) All nodes in the network are constantly moving according to the “random
waypoint” mobility model [11], with pause time set at 10 seconds and five
different velocities from 0 m/s for stationary nodes to 30 m/s for mobile users at
vehicle speed.
7) Two cases with a single source/destination pair and 10 pairs are tested,
respectively. All the sources are assumed to generate data packets for
transmission continuously at the target rate throughout the simulation. The mean
packet size is 1024 bits.
The results are summarized in Table 4-2 and Table 4-3. MPSMR is chosen as the routing
scheme. It is observed that there is almost no packet loss in the case of a stationary
network. Routing is only needed once for each source/destination pair and traffic
switching is not required, as expected. It is also observed that the packet delivery ratio
drops dramatically when all the nodes become mobile and reach vehicle speed, because
the number of broken paths (thus traffic switching) increases significantly. However, it is
interesting to see that 10 source/destination pairs do not overload the network yet, and the
performance results (in terms of packet delivery ratio, number of traffic switching, and
cost of routing) are comparable to the case of a single source/destination pair. The main
reason is that data are only transmitted through one path in the proposed scheme rather
than through multiple paths simultaneously, thus it avoids overloading the network. The
routing overhead may be calculated as follows:
52
ratiodelivery packet path per hops ofaverage# sec 600 rate data
pairper routing of# sizepacket routing average packets routing of#
×××
××=η (4-13)
Note that the routing overhead is about 20% in the worst case (10 source/destination pairs,
20 m/s), where the average routing packet size is 64 bits and the average number of hops
per path is 5.
Table 4-2 Performance Results of Routing and Data Delivery
Node velocity Packet delivery
ratio
Total number of
traffic switching
Total cost per
routing (number of
routing packets)
(m/s) 1-pair 10-pair 1-pair 10-pair 1-pair 10-pair
0 0.99 0.99 0 0 47558 55454
1 0.98 0.95 1 20 47226 71450
10 0.67 0.6 11 90 56135 90398
20 0.46 0.39 15 110 79989 83516
30 0.44 0.39 11 123 82180 68751
Table 4-3 Convergence and Overhead of the Proposed Scheme
Node velocity Packet delivery ratio Total number of traffic
switching
(m/s) 1-pair 10-pair 1-pair 10-pair
0 6 6.9 405 405
1 5.33 5.36 642 644
10 5.19 5.99 586 598
20 5.38 5.76 569 590
30 5.88 5.64 533 561
The distributed power control scheme requires that the receivers provide the received
SIR value (or equivalently, the link gain) to the corresponding transmitters. The power
control overhead is evaluated by the number of the control packets needed for these
53
information exchange. It is seen in Table 4-3 that the proposed joint power control and
routing scheme converges in about 5 to 6 iterations in all cases. In addition, the power
control overhead does not increase too much with respect to node mobility and number of
source/destination pairs.
4.5 Extension to Cluster Based Architecture
In many scenarios, such as battlefield, there are a large amount of nodes deployed in
MANET; thus scalability is one of the major concerns. Clustering is a good solution to
achieve scalability. By grouping nodes into different clusters, the communication cost in
the cluster will be greatly reduced. In addition, the network can be easily managed by
dynamically adding or removing for some nodes without affecting the structure and
behavior of other clusters. Thus it is important to extend the proposed scheme to cluster
based MANET.
In cluster-based MANET, inter-cluster communication could go through cluster head
(Fig. 3.2 a) or through multiple gateways (Fig. 3.2 b). In the case of Fig. 3.2 b, multihop
connectivity is necessary between nodes and gateways, since a node cannot transmit long
distance by increasing transmission power due to the reasons of power constraint of
wireless node and channel interference in wireless communication. However, for large
network, the average hop count for a path could be very large if all nodes have limited
capability on power supply and process. In mobile network, a long path with large hops is
not reliable. Assuming that a link is broken with probability ‘p’, the broken probability
for a N-hop path is Np)1(1 −− , since node moves randomly and independently.
54
Fig. 4.10 Link Broken Probability
The path-broken probability vs. hop count per path is shown in Fig. 4.10. From the
figure, even broken probability p is 5%; the path with 15 hops will break with probability
more than 50%. If p is 20%, the 10-hop path will break with probability more than 80%.
Hence, it is hard to maintain the minimal connectivity for a long-hop path. Therefore, to
guarantee the QoS assurance in large network, it is more feasible to adopt the
communication model as in Fig. 3.2 a. Assuming that cluster head has rich resource on
power and high processing capability; cluster head can communicate directly to its
neighbor cluster heads. Consequently, the average hop count of path will reduce greatly.
55
Moreover, path will be more reliable since the links between cluster heads can achieve
high quality.
To achieve the energy efficiency, QoS requirement and reliability, an extension of
the current multi-path routing scheme is proposed in this section, which called piece-
wise disjoint multi-path routing. In this scheme, routing process is composed of three
sub-paths as shown in Fig. 4.11:
• Sub-path one: from source to source cluster head
• Sub-path two: from source cluster head to destination cluster head
• Sub-path three: from destination cluster head to destination.
56
Fig. 4.11 Multi-path Routing between Clusters
Each sub-path can route independently and find a maximally disjoint backup path for
itself. From the figure, in sub-path one, source node only needs to route to source cluster
head, and find its backup sub path (green line); similarly sub-path two needs to find sub
multi-path between source cluster head and destination cluster head (red line); sub-path
three needs to route between destination cluster head and destination (blue line).
The independence of each sub-path allows for internal flexibility of choosing a given
routing algorithm. In sub-path one and sub-path three, the current multi-path scheme is
57
applied to achieve energy efficiency and minimal data rate; in sub-path two, since the
power consumption of cluster head is not the main issue, it may use existing routing
scheme such as AOMDV [19] or SMR [17] . In addition, each sub-path will also execute
path monitoring and path switching independently. For instance, if a link in sub-path one
is broken, sub-path one will switch to its backup path, but sub-path two or three do not
need to switch. Since the whole path is managed piecewise, the estimation for link
quality is more accurate and timely; the response for a broken link is fast; and the
corresponding cost due to path switch is low.
58
CHAPTER 5
SECURE ANONYMOUS ROUTING FOR CLUSTER BASED
MANET
In battlefield or military applications, the enemy could track the real identity or location
of a node, or analyze the packet or traffic so as to obtain vital information. Thus it is
crucial to keep the security and anonymity for all members, especially the cluster head,
because it plays a very important role in the network. Therefore, in this chapter, a novel
Secure Anonymous Routing scheme for Cluster based MANET (SARC) is introduced to
provide both security and anonymity [70, 71]. This is the first scheme to achieve
anonymity for cluster based wireless ad hoc networks. It provides the following functions:
• Privacy for all nodes, including both identity privacy and location privacy as
defined in [55].
• Data and routing security. SARC will also protect routing and data traffic from
traffic analysis and packet analysis attacks.
• Scalability. Only cluster member is affected by intra-cluster routing; and only
gateway takes part in routing between clusters.
5.1 Security Architecture and Assumption
It is assumed that all the nodes are stationary or have low mobility during the routing
process such that routing will not become meaningless. However, node mobility may not
59
be neglected during data transmissions, i.e., a route may be broken due to node mobility
during a traffic session. It assumes that key distribution is completed and that each node
has one or more public-private key pairs, which might be pre-installed or generated by
itself, or using a scheme such as the one proposed in [45]. In a cluster, each node is
supposed to communicate with each other directly, which means single hop
communication. Multiple gateways (GWs) are, the nodes lying on the border of cluster,
assumed so that each cluster is connectable directly or indirectly.
5.1.1 Cluster Affiliation
It is assumed that each cluster has an asymmetrical key pair KUc/KPc, where the public
key KUc is signed by a root Certificate Authority (rCA), and private key KPc is held and
maintained by the CH. A CH is designated initially, and it holds the private key of the
cluster in order to authenticate all the members. A new CH (if needed) might be re-
designated when the current CH relinquishes its role, or when it is broken down. Each
node typically affiliates with one cluster when the network is deployed. Each cluster
member (CM) has the public key of the cluster, but not the private key. The CMs that
belong to the same cluster should share a secret with that cluster, and one possible
implementation is a signature of a random number using the cluster’s private key. For
example, if node A belongs to cluster x, it may manually install the < NA, KPcx(NA) >
pair during initialization, where NA is a random number, and KPcx is the cluster’s
private key. KPcx(NA) is a signature of the cluster. A more efficient implementation is
using the hash value of KPcx instead of KPcx(NA), i.e., node A initially has the pair
<NA, H(KPcx, NA) >. A node may share multiple secrecies with different clusters at any
60
time so that it may join different clusters. GWs are automatically determined by each
node rather than designated. For example, nodes that locate at the border of a cluster may
act as GWs and perform the corresponding functions. It is expected there will be
sufficient number of nodes that qualify as GWs when the network is dense and nodes are
uniformly distributed in a cluster.
5.1.2 Nodes Join or Leave a Cluster
When a node wants to join a new cluster, it needs to be authenticated by the CH. Suppose
that node A initially has the pair <NA, H(KPcx, NA) >, it generates a temporary session
key Kses, and broadcasts an Authentication Request (AuRQ),
[ARQ, KUc(Kses), Kses(NA, H(KPcx, NA))]
where ARQ is the request ID. When the CH receives AuRQ, it will obtain Kses with KPc,
then verify H(KPcx, NA) after decrypting it with Kses. If succeeded, the CH will send an
Authentication Response (AuSP) attaching its Cluster Name (CN) encrypted by Kses
[ASP, Kses(CN, IV)]
where ASP is the response ID. Note that CN might change periodically by the CH to
keep the cluster anonymous. Initialization Vector (IV) is a 32-bit increasing number
maintained by CH. Each time CH updates CN, it will increase IV by one, which is used
to defend against replay attacks. If authentication failed, CH will send an error message
to specify the reason of failure, such as error decryption, wrong secrecy, . Node might try
to select other public key and secrecy for authentication when obtaining an error message
CH will keep a list of all CMs. After each successful authentication, CH will add an
entry to its member list (Table 5-1)
61
Table 5-1 Cluster Member’s Table
Random Number Valid Time
NA valid time A
NB valid time B
… …
CH will periodically check whether its CMs in the list are present. This procedure
may also thwart Denial-of-Service (DoS) attacks since repeated AuRQs can be easily
detected by comparing the obtained random number with the list. If a CM leaves a cluster,
it may not need to send any notification. CH will delete a CM from its list when that node
is found not present for certain time during periodic checks. However, if a CH plans to
leave a cluster, it needs to claim an election for a new CH, which might be based on a
specified security policy such as the one discussed in [44]. After a new CH is designated,
the private key KPc will be securely transferred to it from the original CH. In some
extreme occasions, CH might break down before the private key can be transferred. The
(n, k) threshold scheme [47] can be adopted as a backup scheme to protect KPc. A
suitable value of k may be chosen to guarantee security of KPc.
5.1.3 Key Management
In the proposed cluster based architecture, CN acts as the group key for a cluster. It is
used to identify the current cluster and should be only known by the CMs. CN should be
periodically updated by the CH, since CN might be divulged because of node movements.
To update CN, the CH simply broadcasts an update [CNUP, IV, CNc(CNn), KPc(H(IV,
CNn))] where CNUP is the ID of the update. The new cluster name CNn is encrypted by
the current cluster name CNc. Meanwhile a signature by the CH is used to guarantee both
integrity and authority. We assume that in most cases a divulged CN is out-of-date since
62
CN is updated periodically. In case that a valid CN is known by an adversary or a CM is
compromised, point-to-point updates are needed.
5.2 Secure Anonymous Routing
The routing process includes intra-cluster routing and inter-cluster routing. For intra-
cluster routing, only node in the cluster can response to the routing request; for inter-
cluster routing, the gateway, which lying in the overlap area, will take part in the routing
process.
5.2.1 Intra-cluster Secure Anonymous Routing
Three steps are included in the proposed Intra-cluster Secure Anonymous Routing:
(Public) Key Broadcasting, Intra-cluster Routing Request (Intra-RREQ), and Intra-cluster
Routing Response (Intra-RRSP) (see Fig. 5.1). In the step of key broadcasting, each node
will randomly generate a pseudo name, and broadcast the pseudo name and the
corresponding public key (KU) with the format
[pseudonym ⊕ CN, KU ⊕ CN, H(CN, pseudonym, KU)] .
where ⊕ represents XOR operation. The use of pseudonym ⊕ CN and KU ⊕ CN
guarantees that only the current CM can get the pseudonym and KU pair of other CMs in
the same cluster (by performing XOR operation using the current CN) because only CMs
in the same cluster have the knowledge of CN. Here we use the hash value of the CN,
pseudonym and KU rather than the CN itself. The strong collision resistance of the hash
function guarantees the uniqueness of the hash value, thus prevents replay attacks. The
integrity of the message is also assured by checking the hash value. All nodes in a
63
Fig. 5.1 Intra-cluster Routing
cluster need to build a table to map public keys and node names (pseudo names) of all the
CMs. Example is given in Table 5-2. Because one-hop communication is assumed within
each cluster, all other CMs can receive the broadcast and keep the message in its local
mapping table. In order to improve anonymity, all the CMs will periodically (but
randomly) update their public keys and pseudo names by key broadcasting. For example,
each CM chooses to broadcast a new public key and pseudo name every ‘m’ minutes. It
may choose a random number uniformly distributed in [lm+m/2, (l +1)m] as the time for
its lth
key broadcasting. It will prevent the link-ability of two (public key, pseudo name)
pairs from the same CM. The local timestamp helps to keep track of the validity of the
public keys. Entries will be deleted when their corresponding timestamps expire.
64
Table 5-2 Name-Public Key Mapping Table
Name Key Local Timestamp
A Key 1 Time 1
B Key 2 Time 2
… … …
Because of the high computational complexity of the public key schemes, they are
only applied to identify the designated receiver and help to deliver a symmetric session
key. For example, if node S wants to communicate with node D, they need to negotiate a
symmetric session key first. Node S simply broadcasts a routing request (RREQ) packet
that is encrypted by node D’s public key. Although all nodes of that cluster will receive
the RREQ, only node D has the corresponding private key and thus can decrypt it.
Therefore, it guarantees receiver anonymity. Node D will send a routing response (RRSP)
and encrypt it with node S’s public key, which will guarantee sender anonymity.
Furthermore, the pseudonyms of the source and destination nodes will guarantee sender-
receiver anonymity. After node S decrypts the RRSP, node S and node D will have a
shared session key for secure data transmissions. In order to thwart packet analysis
attacks, each packet needs to have the same packet size (by added padding). Note that a
CM may have multiple public/private key pairs. It is computationally very expensive for
the CM to try all its private keys when receiving a packet. A technique called key
indexing is proposed in AnonDSR [72]. A similar key indexing technique may be applied
here and the tradeoff between efficiency and anonymity is discussed in detail in Section
5.3.
65
The format of the Intra-RREQ (without key index) is
[KUD(Ks), Ks(RREQ || Req_ID || PNS), H(CN, KUD(Ks)), padding],
and the format of the Intra-RRSP (without key index) is
[KUS(Ks’), Ks ’(RRSP || Req_ID || Kses), H(CN, KUD(Ks’)), padding],
where PNS is the pseudonym of S; KUD and KUS are the public keys of node D and node
S, respectively; Ks and Ks’ are temporary symmetric keys; Kses is the symmetric session
key for data transmissions. Req_ID is an identifier of the request and it is also used to
defend against replay attacks. The hash values in the Intra-RREQ and Intra-RRSP are
used to maintain the integrity of those messages.
The Intra-RREQ has the same format as Intra-RRSP so that attackers are unable to
distinguish them by packet analysis. Hence attackers cannot correlate the source and the
destination by packet format. Furthermore, since Intra-RREQ and Intra-RRSP are
encrypted by the public keys of destination and source separately, attackers cannot obtain
the pseudonym of the source or the destination, and cannot feign others’ pseudonym to
communicate.
Note that each Intra-RREQ and Intra-RRSP only broadcast once in intra-cluster
secure anonymous routing and they do not propagate to other clusters. Hence, high
bandwidth efficiency can be achieved. Furthermore, since each node (including the CH
and GWs) behaves exactly the same, no special function needs to be performed by the
CH and GWs in the intra-cluster routing process. Thus, critical network elements can be
hidden from the attackers.
66
5.2.2 Inter-cluster Secure Anonymous Routing
In the proposed inter-cluster anonymous routing, we extend the method in ASR [55] to
cluster based wireless ad hoc networks. The tradeoff between bandwidth efficiency,
computational complexity, and the level of anonymity achieved is the main concern. It is
assumed that there exists a security association between any source and destination node
pairs. The shared keys may be distributed by a Key Distribution Center (KDC) or
manually. The procedures of inter-cluster anonymous routing are outlined in Fig. 5.2.
Fig. 5.2 Inter-cluster Routing
67
5.2.2.1 Source Broadcasts Inter-cluster Routing Request
Source node S generates an Inter-cluster Routing Request (Inter-RREQ), and broadcasts
Inter-RREQ in its cluster. Here we require that only GW nodes take part in inter-cluster
routing. Other CMs simply ignore this request to avoid packet propagations (thus avoid
wasting bandwidth). The format of this request is
[RREQ, Req_ID, H( Ksd || Req_ID ), Ksd(Kses), Kses(Req_ID), PK0]
• Req_ID: identifier of the request;
• Ksd: the shared key between node S and node D;
• Kses: a session key (will be used to verify response later);
• PK0: a temporary public key of node S.
The hash value of Ksd || Req_ID acts as a key index and is used for locating a key
quickly. If none of the symmetric key (stored locally) matches the hash value, the node is
not the destination. Ksd is used for authentication between the source node S and the
destination node D. To prevent possible mistakes when multiple keys have the same hash
value, Kses is used by intermediate node to verify whether it is the destination node,
because only destination node D has Ksd to obtain Kses and is able to verify that it is
indeed the destination by decrypting the fourth field in Inter-RREQ and comparing it
with Req ID. Note that the above procedure is only needed when the hash values match.
PK0 is kept by its next hop node (GW) to encrypt routing response. Since only node S
has the corresponding private key and the public key is temporary, it can guarantee both
security and anonymity in this step.
68
5.2.2.2 Gateway Forwards Inter-RREQ
The Inter-RREQ will be forwarded by GWs to neighboring clusters. Before forwarding
Inter-RREQ, the GW firstly keeps the public key of the sender and replaces it with the
public key of the current GW. For example, in step 2 of Fig. 5.2, G1 will keep PK0, and
replace it with PK1 (a temporary public key of G1). The Inter-RREQ changes to
[RREQ, Req_ID, H(Ksd || Req_ID), Ksd(Kses), Kses(Req_ID), PK1] .
Similarly, in step 4, the Inter-RREQ changes to
[RREQ, Req_ID, H(Ksd || Req_ID), Ksd(Kses), Kses(Req_ID), PK2]
where PK2 is a temporary public key of G2.
When a GW receives a fresh Inter-RREQ, it will save Req_ID and the corresponding
Kses(Req_ID) for identifying duplicate Inter-RREQs and later verification, and forward
the Inter-RREQ to GWs in neighboring clusters. When a foreign GW receives a fresh
Inter-RREQ, it will also broadcast an authentication request in its local cluster to check
whether the destination is there. For example, the packet format in step 3 is
[AREQ, Req_ID, H(Ksd || Req ID), Ksd(Kses), Kses(Req_ID), PK2, H(CN, Ksd(Kses))]
where AREQ is the authentication request ID, and the hash value is used to identify the
cluster and maintain the integrity of the message. Because it is an intra-cluster request,
nodes in other clusters will ignore it.
The GW may wait until a node replies and stop forwarding Inter-RREQ, or a timer
expires and then forward Inter-RREQ to GWs in neighboring clusters. However, there are
two concerns with the above design. Firstly, this may incur excessive delay in inter-
cluster routing. Secondly, anonymity may be sacrificed if the GW stops forwarding the
Inter-RREQ. For example, an attacker can figure out the cluster of the destination node
69
although not the exact location of the destination. In order to avoid these problems, in this
work, the GW will not wait for responses and will forward the Inter-RREQ immediately
after step 3 in Fig. 5.2. Of course, additional bandwidth is needed since each GW will re-
broadcast the Inter-RREQ exactly once.
5.2.2.3 Destination Sends Inter-cluster Routing Response
When a CM receives an authentication request, it checks whether it is the destination. If it
is, it will generate an inter-cluster routing response (Inter-RRSP), such as step 6 in Fig.
5.2. In this example, the destination uses a pseudonym T4, and encrypts T4 by sender’s
public key (PK3) such that the intermediate GWs and the source can authenticate the
destination. It also includes the encrypted (by T4) session key Kses and Req ID. The
packet format of Inter-RRSP is
[RRSP, PK3(T4) , T4(Kses || Req_ID)]
5.2.2.4 Gateway Forwards Inter-RRSP
When an intermediate GW receives a routing response, it decrypts the pseudonym Tx by
using its corresponding private key. Then it uses the obtained Tx to decrypt the session
key Kses and verify the destination, because the original Req ID and the corresponding
Kses (Req_ID) in the routing request has been saved by intermediate GWs. If the
verification is successful, the intermediate GW will perform the same operation as that of
the destination, i.e., it will generate a new pseudonym and encrypt it by last sender’s
70
public key. Then it will encrypt Kses and Req ID with the new pseudonym. For example,
the packet format in step 7 is
[RRSP, PK2(T3) , T3(Kses || Req_ID)]
Therefore, after the Inter-RRSP reaches the source, an inter-cluster route is formed as
S:T1:T2:T3:T4(D). The proposed inter-cluster secure anonymous routing implements
two different packet formats at a GW for forwarding Inter-RREQ and authentication
within its local cluster. Thus an adversary may distinguish GW nodes from other nodes.
However, since each GW re-broadcasts exactly twice for each Inter-RREQ (one for
forwarding Inter-RREQ and the other for local authentication), it is not possible for the
adversary to locate the cluster of the destination node unless key indexing is applied.
Note that GWs may use the same packet format for forwarding Inter-RREQ and
authentication within its local cluster. However, this approach violates the semantics of
clusters. For example, every node will have to examine every routing packets (local or
not) which results in much higher overhead. Furthermore, the proposed scheme ensures
location privacy because nodes do not reveal their real identity to other nodes, and their
pseudonyms are changed dynamically. Therefore, an attacker can trace a node to a certain
cluster at the most. Moreover, since source and destination identifiers are never disclosed
during route discovery, the relationship anonymity between the source and the destination
is guaranteed.
5.2.3 Efficiency Analysis
In the secure anonymous routing process, each packet is encrypted by either a symmetric
or an asymmetric key, and the intended receiver is identified by the key. However, one
71
problem (as pointed out in [72]) is that the receiving node may have many keys and does
not know which key to use. Therefore, each node has to try to decrypt any packet
received with all its keys in order to identify whether it is the intended receiver. This
process causes very low efficiency and high cost on computation and runtime.
One way to solve this problem is to add a key index for each encrypted packet. Each
node only needs to compare the key index to identify whether it is the intended receiver
and which key to use instead of performing many decryptions. Consequently, the cost on
computation and runtime will be greatly reduced. If a hash algorithm is used to generate
the key index, then only hash operation will be performed rather than decryption. Hash
algorithm such as MD5 is almost a thousand times faster than the RSA asymmetric
algorithm and is ten times faster than DES [73]. For intra-cluster routing request and
response, the key index is H(KU, CN). CN is used to prevent non-CMs from analyzing
the packet. Thus the Intra-RREQ will change to
[H(KUD,CN), KUD (Ks), Ks (RREQ || Req_ID || PNS),H(CN,KUD(Ks)), padding]
Similarly, key indexing may be applied to inter-cluster routing as well. For example, the
Inter-RRSP may be modified as
[RRSP, H(PKi), PKi(Ti+1), Ti+1(Kses || Req_ID) ]
where H(PKi) acts as the key index. However, use of key indexing might weaken the
anonymity of the system. For example, during inter-clustering routing, an attacker may
correlate Inter-RREQ and Inter-RRSP by recording the public keys (PKi) in the Inter-
RREQ and comparing with the key index H(PKi) in the Inter-RRSP. However, it may not
affect the anonymity of the system seriously. Although the attacker may divulge a few
links on the path, it is almost impossible for the attacker to discover the entire path unless
72
many attackers at different segment of the path collude. In addition, data transmission is
impossible to track even if the attacker has discovered the entire path, because the data
packet format will be different per hop. Therefore, it is possible to use key indexing
without jeopardize the anonymity too much.
5.3 Data Transmission
Intra-cluster data transmissions can be achieved by the source node broadcasting data
encrypted with the negotiated session key Kses from the intra-cluster route discovery.
The packet format is
[DATA, H(Kses), Kses(data)]
where DATA is the packet type. Each node within the same cluster will first check
whether it is the destination by verifying the hash value of its session keys. Because only
the destinations need to decrypt the data, computational complexity is low for all other
nodes.
Inter-cluster data transmissions rely on the sequence of symmetric keys generated
during Inter-RRSP. After inter-cluster routing is done, each node i on the path will keep a
mapping [Ti, Ti+1]. Ti is the symmetric key generated by itself and transmitted upstream
(to node i−1) as a part of the routing response. Ti+1 is the symmetric key received in the
routing response from downstream node (i + 1). During inter-cluster data transmission,
the hash value of Ti+1 is used to identify the downstream node. The packet format (from
node i to node i + 1) is
[DATA, H(Ti+1), Ti+1 ⊕ Ksd(data)]
73
where ⊕ represents XOR operation, data is encrypted by the shared key Ksd between the
source and the destination if data security is required. Each intermediate node will first
verify whether it is the downstream node by checking H(Ti+1). If it is (and hence has the
[Ti+1, Ti+2] pair), it will change H(Ti+1) to H(Ti+2), and perform the following operation:
Ti⊕Ti+1⊕Ti+1⊕Ksd(data) = Ti⊕Ksd(data).
Then the updated packet [DATA, H(Ti+2), Ti+2⊕Ksd(data)] will be re-broadcast. Since
hash value is used to identify the next hop, and the data field changes from hop to hop,
the attacker cannot track the data flow. Thus sender-receiver anonymity can be
maintained.
5.4 Anonymity Analysis and Attack Analysis
5.4.1 Anonymity Analysis
An anonymity metric based on entropy [57, 74, 75], is used to analyze the anonymity
level of the source and the destination. The entropy of a wireless network is defined
as ∑= )1log()( ii ppXH , where X is a discrete random variable with probability
function ip = P(X = i). Suppose the size of the network is N, an attacker can discover
node i’s identity with probability, ip . H(X) (uncertainty) is maximized when the node is
equally likely to be any node, i.e., NH logmax = , when ip = 1/N. Then the degree of
anonymity can be defined as max/)( HXH=η .
In this dissertation, the attack model defined by Hu and co-workers [40] is used.
Specifically, attack-C-M means that there are C compromised nodes and M (outside)
74
malicious nodes in the network. Compromised nodes may perform traffic analysis or
packet analysis on the routing traffic and data traffic, and they may collude. Focus is
placed on the source/destination “pseudonym anonymity” for intra-cluster routing, and
source/destination “cluster anonymity” for inter-cluster routing, where “pseudonym
anonymity” is defined as the uncertainty of mapping a pseudonym to a specific node, and
“cluster anonymity” is defined as the uncertainty of mapping a source or destination to a
specific cluster, respectively. Moreover, it is assumed that it is very hard for the attacker
to distinguish which pseudonyms belong to the same node. In other words, it is assumed
that the attackers do not possess the capabilities of observing the signal-to-noise ratio of a
transmitting device or observing the transmitting signal’s watermarks.
5.4.1.1 Pseudonym Anonymity of Intra-cluster Routing
In intra-SARC, key broadcasting is protected by CN so that (outside) malicious nodes
cannot obtain the public key and the pseudonym of any CM. Therefore, the anonymity
pseudonym anonymity is infinite under Attack-0-M, which means Attack-C-M has the
same effect as Attack-C-0 in terms of pseudonym anonymity. Consequently, only Attack-
C-0 is considered.
Suppose that a cluster has N nodes and C of them are compromised nodes (C < N),
and each node has equal probability to send and receive routing request. The Intra-RREQ
and Intra-RRSP are encrypted by the public keys of the source and the destination, which
means other CMs (including the compromised nodes) are not able to obtain the
pseudonym of the source and the destination, except for themselves. Firstly the source
anonymity is considered. If the destination is one of the compromised node, the source
75
will be revealed; otherwise the probability is 1/(N − C). Let Y be a discrete random
variable, and p0 = P(Y = 0) = C/N represents the probability that the destination node is
compromised, p1 = P(Y = 1) = 1−C/N represents the probability that the destination is a
legitimate node. Therefore the entropy under Attack-C-0 is
)1|()0|()|( 10 =+== YXHpYXHpYXH
])1|(1log)1|([1 ===== ∑ YiXPYiXPp
)log()/1( CNNC −−= (5-1)
The anonymity degree of the source/the destination is
)log(/)log()/1(/)|( max NCNNCHYXH −−==η (5-2)
Fig. 5.3 shows how this quantity varies with N and C. The anonymity degree increases
with the number of nodes within the cluster and decreases with number of compromised
nodes within the cluster. One compromised node can hardly do any harm, however, when
6 out of 30 nodes are compromised, the anonymity degree drops to 75%.
76
Fig. 5.3 Anonymity Degree of Intra-cluster Routing
5.4.1.2 Cluster Anonymity of Inter-cluster Routing
In inter-cluster routing, no real identity, pseudonym or the corresponding public key is
used, thus even compromised nodes cannot identify which node is the source or the
destination. What they can do is try to locate the source or the destination down to their
clusters. Hence, it is only meaningful to consider cluster anonymity. In another words,
how accurate the attackers may locate the cluster where the source or the destination node
77
resides. Furthermore, since all the GW nodes perform the same operation no matter
where they are, and the packet of inter-cluster routing is transparent for both
compromised and malicious nodes, the compromised node can be treated the same as the
malicious node with respect to cluster anonymity.
Cluster anonymity analysis may become very complicated because there are many
factors such as cluster distributions, number of attackers and attacker distribution that
will affect the cluster anonymity. Here the case of a single attacker is considered.
Suppose that there are P clusters in the network, and X is a random variable representing
which cluster the source or the destination resides. The maximal cluster anonymity of the
network is PH logmax = .
Assume that each cluster has N nodes, N1 of them in the area that do not overlap
with other clusters. We also assume the average overlapping degree is D, which means a
node in an overlapping area can sense the signals from D clusters on average. For
example, in Fig. 5.4, there are three clusters A, B, and C. In cluster A, N1 nodes are in
the area that do not overlap with B and C; N3 nodes are in the area that overlap with both
B and C. N2 and N4 nodes are in the area that overlap with either B or C. Therefore N =
N1 + N2 + N3 + N4. The average overlapping degree is D = (N2×2+N3×3+N4×2)/(N2 +
N3 + N4).
78
Fig. 5.4 Example of Inter-cluster Node Distribution
Considering the destination cluster anonymity, if a node observes a Inter-RRSP there
are 4 possibilities (represented by a discrete random variable Y).
1) The node is not in any overlapping area, and it resides in the destination cluster
with probability, PN
NYPp
11)0(0 === . In this case, the destination cluster will
be revealed.
2) The node is not in any overlapping area, and it resides outside the destination
cluster with probability, )1
1(1
)1(1PN
NYPp −=== . The destination cluster may
be any of the other clusters with probability 1/(P −1).
79
3) The node is in an overlapping area, and it resides in the destination cluster with
probability, P
D
N
NYPp )
11()2(2 −=== . The destination cluster may be any of
the overlapped clusters with probability 1/D.
4) The node is in an overlapping area, and it resides outside the destination cluster
with probability, )1)(1
1()3(3P
D
N
NYPp −−=== . The destination cluster may be
any of the other clusters with probability 1/(P − D).
Hence, the destination cluster anonymity is
)|(
1log)|()|(
jYiXPjYiXPpYXH j
=====∑∑
)log()1)(1
1(log)1
1()1log()1
1(1
DPP
D
N
ND
P
D
N
NP
PN
N−−−+−+−−= (5-3)
The cluster anonymity degree is
PDPP
D
N
ND
P
D
N
NP
PN
Nlog/)log()1)(
11(log)
11()1log()
11(
1
−−−+−+−−=η
(5-4)
The source cluster anonymity can be obtained similarly.
The cluster anonymity degree with respect to the number of clusters P, the average
overlapping degree D, and N1/N, is shown in Fig. 5.5. It is observed that the cluster
anonymity degree increases with the number of clusters P, as expected. It is also observed
that the cluster anonymity degree increases with N1/N. In the right-hand side of Equation
(5-3), the first term is dominant. Thus, the cluster anonymity degree η is higher when
N1/N becomes bigger. This represents the typical case when there are a lot of nodes in
the non-overlapping area and they are not in the destination’s cluster, and the number of
80
clusters is not too small (larger than 10 in this example). Another observation is that the
cluster anonymity degree increases when D decreases and P is large. When there are a lot
of clusters, less overlapping (small D) reduces the chance that the observer is within the
destination cluster. Therefore, the uncertainty of the destination cluster increases. Thus
the cluster anonymity degree improves. However, when P is not very large, there could
be a case where two cluster anonymity degree curves with parameters D1 and D2 cross at
D1 = P −D2. The cross happens at D1 = 5, D2 = 8, and P = 13.
Fig. 5.5 Anonymity Degree of Inter-cluster Routing
81
5.4.2 Attack Analysis
The active attacks such as the “Denial-of-Service (DoS) attacks” are usually easy to
detect because they cause abnormal traffic patterns under many circumstances [56].
Intrusion detection systems can act as one of the counter-measures against such active
attacks. Hence, active attacks are not addressed in this work. However, it is worth
pointing out that the integrity of the routing packets is guaranteed in the proposed scheme,
although routing packets are not encrypted (in order to reduce computation cost and
power consumption). The attacker will not be able to alter any field in the routing packets
without being detected. In addition, secure routing in cluster based ad hoc networks is
much more resistant to active attacks than routing in pure ad hoc networks. The main
reason is the existence of an on-line authority (CHs) capable of controlling traffic and
monitoring node behavior [57].
On the contrary, passive attacks such as “Eavesdropping” and “Traffic analysis” are
difficult to detect. Once locating certain critical nodes through overheard routing
information, passive attackers can perform active attacks on the critical network elements.
Therefore, passive attackers are more dangerous than active attackers because they are
difficult to detect [56]. Such passive attacks are the main concern of this paper.
In anonymous communications, two main passive attacks are packet analysis attack
and traffic analysis attack. In packet analysis attack, the attackers try to deduce routing
information by analyzing the packet length and type. In traffic analysis attack, the
attackers try to deduce routing information by analyzing the amount of traffic flow
among nodes and correlating eavesdropped traffic information to actual network traffic
patterns.
82
In cluster based wireless ad hoc networks, CH plays an important role as the central
controller and the trusted authority in a cluster. Thus, one of the main tasks of secure
anonymous routing is to hide CH from attackers. In the proposed secure anonymous
routing scheme, CH acts exactly the same as the other nodes throughout the routing
procedures in both intra-cluster and inter-cluster anonymous routing, which makes it
indistinguishable from the other nodes in the network. Consequently, the CHs are safe
from both packet analysis attacks and traffic analysis attacks.
Note that the attackers may be able to identify GWs from other nodes. However,
since each cluster typically has more than one GW node, it is not as critical as the CH.
Furthermore, it is feasible to allow some nodes to perform GW functions from time to
time. This will shuffle the routing traffic and make traffic analysis attack more difficult to
succeed. If a node other than the CH is compromised, its CH should update the group
shared secret (CN). Since the compromised node has the old CN, the CH cannot
broadcast the update request. Instead, it should send the request to each CM using point-
to-point mode. The packet format is
[CNUPP, IV, Nx(CN), KPc(H(IV, CN))]
where CNUPP is the packet identifier, Nx is the corresponding random number of node x.
Note that IV should be the same for all CMs. Since the compromised node may have pre-
installed signatures of multiple clusters, the CH should notify other CHs. It is assumed
that all CHs can identify each other by sharing a secret key. If a CH is compromised, all
the signatures for that cluster should be revoked and every node include other CHs should
be notified. In order to guarantee authority, the CH revoke message should be signed by
the root Certificate Authority (rCA). The message could be a Certificate Revoke List
83
(which is updated periodically). Furthermore, this signed message should be dispatched
to at least one trusted CH manually or through a special signaling channel. The trusted
CH obtaining the revoked information will send a notification to other CHs. Moreover,
each CH also needs to broadcast the revoked message to all CMs.
5.5 Performance Evaluations
5.5.1 Implementation Overhead Analysis
One routing design for cluster based wireless ad hoc networks is the Cluster Based
Routing Protocol (CBRP) [23]. CBRP does not contain any security features. In this
study, CBRP is used as a baseline for overhead comparison analysis. Suppose that 3DES
and RSA-512 are employed as the symmetric and public key algorithms, and MD5 is
adopted as the hash algorithm. The detailed packet fields of intra-cluster routing and
inter-cluster routing are shown in Fig. 5.6 and Fig. 5.7, respectively. In intra-cluster
routing, public key is only used to deliver a symmetric key, thus the computational
complexity is low. The overhead is also low due to the use of hash function. In inter-
cluster routing, the size of Inter-RREQ packet is 85 bytes. The packet size for
authentication request from GW to cluster member is 101 bytes. The packet size for
Inter-RRSP is 27 bytes. Since the routing packets’ sizes are fixed in the proposed SARC,
while in CBRP the routing packets’ sizes grow with the hop count of the route, the
overhead between them becomes close as the obtained route becomes longer (more hop
counts). A simulation is performed to demonstrate this effect and the result is shown in
Fig. 5.8. It is assumed that there are 20 clusters in the network and each node in each
cluster want to communicate with any other node in a different cluster. The result shown
84
is the average overhead over all obtained routes. It is observed that the overhead of
SARC is 26.3% higher than that of CBRP when the average number of hops in the
obtained routes is 4 (source and destination are in neighboring clusters). This drops to
only 16.7% when the average number of hops in the obtained routes increases to 10.
When the average number of hops in the obtained routes is more than 16, SARC has
lower overhead than CBRP.
Fig. 5.6 Intra-cluster Routing: Packet Fields
Fig. 5.7 Inter-cluster Routing: Packet Fields
85
4 6 8 10 12 14 16 18 202500
3000
3500
4000
4500
average number of hops in the obtained routes
ave
rag
e r
ou
tin
g o
verh
ea
d (
in B
yte
s)
SARCCBRP
Fig. 5.8 Routing Overhead of SARC and CBRP for Inter-cluster Routing
5.5.2 Route Establish Time
The routing protocol is implemented within OPNET. The network is 400m × 400m
square field with 800 nodes uniformly distributed. Sixteen non-overlapping clusters are
formed in the system with equal size of a fixed 100m × 100m area. The GWs are chosen
as the nodes whose locations are at the border of the cluster, to be exact, whose distance
to the border is less than 10 meters. An example is given in Fig. 5.9, where the solid line
86
is the edge of cluster and the nodes outside the dashed line are GWs. The inter-cluster
“route establish time” with and without key index are studied in this part of the
simulation. During the routing process, it is assumed that the nodes in the network are
either stationary or have negligible mobility. In other words, the time scale of routing is
much less than the time scale of mobility, such that routing is meaningful. The “route
establish times” are collected when the network has one, ten, thirty and fifty
source/destination pairs. And the results are averaged over 100 runs. The delay of
cryptographic operation is evaluated based on the test results given in [73]. The “inter-
cluster route establish time” with and without key index is shown in Fig. 5.10. It is
observed that the route establish time is much less with key index than that without key
index because using key index reduces the large delay caused by decryptions. It is also
observed that the route establish time increases linearly with hop counts when using key
index, but it is almost unchanged with increased source/destination pairs. The reason is
that with key index, each hop causes almost the same amount of delay, thus the route
establish time increases linearly with hop counts. On the other hand, each node searches
the key based on a hash algorithm when using key index, and hash algorithm is highly
efficient and will not be affected much by the number of source/destination pairs. In other
words, the queuing delay at each node will not be affected much by the number of
source/destination pairs when using key index. On the contrary, the “route establish time”
increases dramatically with the number of source/destination pairs when key index is not
implemented. The main reason is that the delay of cryptographic operation (decryption
rather than hash algorithm) is significant at each node and the queuing delay at each node
87
will increase as well. These delays will grow dramatically with the number of
source/destination pairs.
Fig. 5.9 Topology of the Network (GW: Square; CM: Round)
88
Fig. 5.10 Inter-cluster Route Establish Time (with and without key index)
5.5.3 Packet Delivery Ratio
In this part of the simulation, the effects of offered load (in number of flows across the
network) and node mobility on packet delivery ratio is investigated. This is shown in Fig.
5.11. The Random Waypoint mobility model [11] is adopted, with the pause time fixed to
10 seconds and the maximum speed varies from 0 (node is stationary) to 30 m/s. The link
capacity is 1 Mbps. The data generating rate is 4 packets per second with the packet size
exponentially distributed with mean 1000 bits. The simulation time is 10 minutes.
89
It is observed from Fig. 5.11 that the packet delivery ratio decreases as the node
speed and the offered load increase, as expected. When all the nodes are stationary, the
network is capable of supporting 30 simultaneous traffic flows. Higher mobility is the
main reason for the drop in packet delivery ratio because it causes more paths to be
broken and more loss in packet. The offered load is less of a factor than the node mobility
in this simulation since the link capacity is high comparing to the data generating rate.
Fig. 5.11 Packet Delivery Ratio under Different Node Speeds
90
5.6 Comparisons between Secure Anonymous Routing Protocols
The comparisons have been made in Table 5-3 between the proposed secure
anonymous routing scheme and other routing schemes in the literature, including
AnonDSR [72], ASR [55], ANODR [53], and Hierarchical ANODR [59].
Table 5-3 Comparisons between Anonymous Routing Protocols
AnonDSR ASR ANODR Hierarchical
ANODR
SARC (our
method)
Identity Privacy
(Sender)
Yes Yes Yes Yes Yes
Identity Privacy
(Receiver)
Yes Yes No No Yes
Identity Privacy
(Intermediate)
No Yes Yes Yes Yes
Identity Privacy
(Sender-
Receiver)
Yes Yes Yes Yes Yes
Weak location
privacy
Yes Yes Yes Yes Yes
Strong location
privacy
No Yes No No Yes
Scalability
N/A N/A N/A Yes Yes
Cluster head
Privacy
N/A N/A N/A No Yes
For node identity privacy, all the schemes can support the sender privacy and sender-
receiver privacy. However, ANODR and hierarchical ANODR cannot satisfy the receiver
privacy since they assume that the destination’s identity is known during the routing
process. In addition, AnonDSR cannot guarantee the intermediate privacy, because the
source and destination need to know the identity of the nodes in the routing path.
Location privacy [55] means no one should know the exact location of the source or
the destination except themselves (weak location privacy). In addition, other nodes,
91
typically intermediate nodes en route, should have no information about their distance
from either the source or the destination (strong location privacy). Although weak
location privacy is easy to achieve, only our scheme and ASR can support strong location
privacy.
In these schemes, only hierarchical ANODR and our scheme considered scalability.
However, in hierarchical ANODR, cluster heads participate in the routing process, thus it
cannot guarantee the privacy of cluster heads. Note that the privacy of cluster heads is a
critical issue for cluster based anonymous routing.
In comparison with the available protocols in the literature, the results show that the
proposed SARC satisfies all aspects of identity privacy and location privacy. Furthermore,
based on our best knowledge, the proposed SARC is the first one in the literature to
consider anonymity in cluster-based MANET, and to protect cluster head privacy.
5.7 Comparisons with Power Aware QoS Routing
The secure anonymous routing emphasizes on anonymity in cluster based MANET; also,
it can satisfy the requirements for power efficiency and QoS if transmission power is
used as routing metric. It uses multihop routing to save transmit power. The transmission
range is controlled by the minimal data rate requirement and transmit power. However,
compared with the power aware QoS routing in the previous chapter, it is less efficient on
power consumption and reliability.
The power aware QoS routing described in the previous chapter and the secure
anonymous routing are compared by simulation. Two criteria are used for comparison,
namely, the average transmission power per link and overhead. The simulation is
92
performed by OPNET. As shown in Fig. 5.12, the network is composed of 6 clusters.
Each cluster is a 300 m x 300 m area and includes 30 nodes uniformly distributed within
that area.
Fig. 5.12 Network Topology
The simulation parameters include:
1) The required throughput, tar
iR = 500 kbps.
2) The bandwidth shared by all links is 1.25 MHz.
93
3) The link gains are assumed to be only function of distance, i.e., α
ijij dh 1= ,
where α = 3. No fading is considered here.
4) The maximum allowable transmission power pmax
is 200 mW.
5) The background noise σ2 = 10
−10.
For each routing algorithm, five source/destination pairs in different clusters are
randomly chosen. The calculation of average link power in power aware QoS routing
does not include the power consumption of the cluster head, assuming that cluster head is
powerful and power consumption is not a concern.
It is observed from Fig. 5.13 that the average link power in anonymous routing
algorithm is much higher than that of power aware QoS routing algorithm. This is mainly
due to the single hop connectivity in anonymous routing algorithm, and each node will
reach its gateway directly by choosing higher transmission power. As shown in Fig. 5.14,
the overhead in power aware QoS routing is much higher than that of the anonymous
routing. When the node density is high and each node will have many neighbors, the
power aware QoS routing (which is multi-path routing) has higher overhead. On the other
hand, since routing requests are only forwarded to limited number of gateways in
anonymous routing, less overhead will be generated. However, in general, the cluster size,
number of clusters and gateways will affect the performance of both schemes. Also, the
key update rate in anonymous routing will affect the performance. For example, high
update rate will cause high overhead and power consumption, which may sometimes
overwhelm the effect of routing process.
95
5.8 System Integration of QoS Routing and Anonymous Routing
In MANET, a single system can be deployed for various applications. However, each
application has its special requirements. For instance, the sensor application emphasizes
on power efficiency; the application for voice or video over MANET requires reliable
connection and high bandwidth; while the military application focuses more on security.
Therefore, it is meaningful to integrate different routing schemes into a single network
system. In this dissertation, although two routing algorithms are developed to fulfill the
requirements of QoS and anonymity respectively, they can be integrated into one system
and implemented based on the priority of service.
In all the requirements, security has the highest priority. The MANET architecture
allows choosing either of the algorithms based on the needs for anonymity. Assuming
that the priority of security and anonymity is p, and highTh , lowTh are two thresholds for
anonymity respectively; if highThp > , the application primarily emphasizes on security
and anonymity, and as a penalty, it will sacrifice the performance in power consumption
and reliability; if lowThp < , the application does not require any security and anonymity,
then it will choose the power aware QoS routing scheme. For the middle region,
i.e., highlow ThpTh << , the application will request both anonymity and power control.
Therefore, a compromise between these requirements should be made; and the extension
scheme can be employed by integrating both routing protocols together. The block
diagram for the proposed system integration is provided in Fig. 5.15.
96
Fig. 5.15 Routing Schemes Integration
For the extended routing scheme, multihop connectivity is defined within a cluster.
In order to achieve anonymity, temporary public key is periodically broadcast and
forwarded inside the cluster so that each node can maintain a table of the temporary
public keys for all cluster members. The energy efficient metric is chosen for intra-
cluster routing. During the routing process, the intermediate node needs not only to
compare the sum of transmission power, but also to check the link validation since only
nodes belonging to the same cluster and publishing their valid public keys can take part
in the routing process. Therefore, the intra-cluster routing scheme can achieve both
anonymity and power efficiency. The choice of inter-cluster routing scheme is affected
by application requirements and network equipment. If location privacy of cluster head is
not so critical and cluster head is rich in resources, inter-cluster routing can go through
cluster head. On the contrary, if the anonymity of cluster head is very important and/or
97
cluster head is just a normal node, inter-cluster routing may go through multiple gateways
but with relatively weak path reliability. In Table 5-4, the differences among all the three
schemes are listed. Power aware QoS routing and anonymous routing aim at different
requirements of diverse applications. The extended scheme will give the best tradeoff
between requirements. As a result, the network system can select the desired scheme
according to the requirements of the application.
Table 5-4 Comparisons of Three Routing Schemes
QoS Routing Anonymous
Routing
Extension Routing
Scalability Yes Yes Yes
Power efficiency High Low Medium
Anonymity No Strong Medium
QoS assurance Strong Weak Medium
Reliability Strong Weak Medium
Overhead Mid Low High
98
CHAPTER 6
CONCLUSIONS AND FUTURE WORKS
6.1 Conclusions
In this dissertation, the problem of designing secure and energy efficient routing schemes
for MANET has been addressed. A novel routing algorithm that achieves QoS assurance,
energy efficiency, anonymity and scalability in MANET is developed. Specifically, QoS
assurance is achieved by using minimal data rate as a criterion; energy efficiency is
achieved by a combination of minimum transmit power and balancing the energy
remaining in the battery; and anonymity is achieved by protecting node identity and node
location.
The design of routing protocol with anonymity or without anonymity was shown. In
each case, the power efficiency and QoS assurance have been achieved. It has been
shown that the secure anonymous routing is less efficient than that of power aware QoS
routing, since it requires more overhead processing.
The power aware QoS multi-path routing is designed to achieve energy efficiency
and QoS assurance. In this scheme, power control is combined with the constraint of
minimal data rate. In addition, the realistic interference model is employed in power
control which is ignored in most of the other power related routing schemes proposed in
the literature. In this work, two maximally disjoint paths are obtained by the routing
scheme. It adopts a routing metric that considers the tradeoff between energy efficiency
99
and network lifetime. Unlike most works which guarantee the QoS assurance by sending
redundant data or using diversity coding, this scheme uses one primary path for data
transmitting, while choosing the other path as the backup, which can achieve bandwidth
efficiency. In addition, a dynamic traffic switching scheme is proposed to mitigate the
effect of node mobility or node failure; together they provide a means for reliable end-to-
end data delivery with guaranteed throughput. The effectiveness of the proposed scheme
is demonstrated through discrete-event simulations. The performances of different
routing metrics including SMR, MPSMR and BESMR are compared in terms of energy
efficiency and network lifetime, in which BESMR can achieve good energy saving and
better network lifetime. The process of dynamically switching is demonstrated. In
addition, the number of rerouting and the overhead due to node mobility is evaluated for
various scenarios. Since cluster based MANET can satisfy the requirement of scalability,
a piece-wise multi-path routing algorithm is developed for inter-cluster routing. The
whole routing process contains three independent parts. Each part can perform routing
and management independently. As a consequence, the routing process has less delay and
low cost, and it can also obtain accurate path statistics and introduce less overhead for
path switching.
In order to protect the node identity and hide the association between source and
destination, especially hide the location of the cluster head, the cluster based secure
anonymous routing (SARC) is developed and analyzed. The routing process includes two
parts: intra-cluster routing and inter-cluster routing. In intra-cluster routing, node can
maintain anonymity by encrypting routing information with its temporary public key,
which is periodically broadcast in the cluster. In inter-cluster routing, a sequence of
100
temporary public keys, each of which temporarily represents the node identity, is used as
trapdoor information. Since inter-cluster routing packet is transmitted through the
gateway by multihop connectivity and not through the cluster head, this scheme can
protect against the divulgence of cluster head. The secure anonymous routing scheme
satisfies the principles of efficient anonymous routing in mobile networks, i.e., the
proposed routing scheme is both identity-free and on-demand. In this scheme, Attack-C-
M model is used to evaluate the anonymity based on information theory measures. In
addition, attack analysis shows the effectiveness of the proposed scheme to guard against
passive attacks such as eavesdropping and traffic analysis. Moreover, the performances
of the secure anonymous routing in terms of overhead, route establish time and packet
delivery ratio are evaluated in a mobile environment.
The contributions of this dissertation include the following:
• An integrated solution for the requirements of power control, QoS assurance,
bandwidth efficiency, reliability and anonymity is provided.
• Real time simulation of the routing algorithm using OPNET is designed and
developed for validation of results.
• Power control QoS routing achieved:
(i) > 150% gain over SMR in terms of network lifetime
(ii) ~ 50% bandwidth savings over “QoS assurance based on multi-path
transmission (Proposed by Srinivas [36]; and Tsirigos [37])”
(iii) Minimum rate guarantee
• Secure anonymous routing developed in this dissertation is the first
published work to consider anonymity in cluster based MANET. It contains
101
(i) Information-theoretic computation of cluster anonymity
(ii) Protection of the anonymity of cluster and cluster head
6.2 Future Works
In this dissertation, we choose the minimum data rate as the criterion for achieving QoS
assurance because it is the basic requirement for most applications. However, other QoS
measures may be chosen to examine various aspects of wireless channels. Here, bit error
rate (BER) is used as an illustrative example. It is known that the average bit error rate
for BFSK under Nakagami-m fading is [76]
m
m
Pe
)1(
1
2
1
γ+
= (6-1)
Where Pe is the average error rate, γ is the signal-to-interference ratio (SIR). Since SIR
is proportional to transmission power, it is also possible to jointly design power control
and routing by applying average link bit error rate as the routing metric. During the
routing process, only the link satisfying the minimal average BER can be accepted as a
valid link, therefore the routing requests are only propagated through those valid links.
The benefit of this scheme is that the link quality can be monitored in a distributed
manner, thus the source does not need to send probe packet. However, it requires more
processing power than the power aware QoS routing in Chapter 4.
In addition, delay may be the most critical QoS requirement for some applications
such as voice and real time video. In [28], a distributed power control is proposed to
achieve minimal power consumption while satisfying delay constraint. Although this
work did not focus on routing, it can be integrated with our scheme in the future.
102
Anonymous routing can well protect the privacy and security and guard against
passive attacks. However, it cannot defend active attacks. For example, for inter-cluster
routing, attacker can easily launch a DOS attack by dropping packets or issue a wrong
public key to disrupt a routing process. Thus detection of an intruder needs to be
considered for a foolproof anonymity and secure routing. Many research efforts have
discussed Intrusion Detection System (IDS) [77, 78] and the countermeasures of the
associated attacks [79] in MANET, but they are not integrated with secure anonymous
routing. It may be addressed as a future dissertation topic.
103
APPENDIX A
PROOF OF THEOREM 1
Proof: A target SIR vector tarγ is achievable for all simultaneous transmitting-receiving
pairs within the same channel if the following conditions are met [80, 81]
tar
i γγ ≥ (A-1)
0≥p (A-2)
where p is the vector of transmitting powers. Replacing iγ with Equation (4-4) and
rewriting the above conditions in matrix form gives
upZItar
≥Γ− ][ (A-3)
0≥p (A-4)
Where matrix tarΓ is a diagonal matrix
=
=Γotherwise 0
jitar
itar
ij
γ
(A-5)
and matrix Z is the following nonnegative matrix
=
≠=
ji 0
jiLh
h
Zii
ij
ij (A-6)
u is the vector with elements
NiLhu ii
tar
ii ,...,2,1 ,/2== σγ (A-7)
It is shown in [81] that if the system is feasible, the matrix ][ ZI tarΓ− must be
104
invertible and the inverse should be element-wise positive, thus proves the theorem.
It is also shown in [81] (Proposition 2.1) that if the system is feasible, there exists a
unique (Pareto optimal) solution which minimizes the transmitted power. This solution is
obtained by solving a system of linear algebraic equations
upZItar
=Γ−*][ (A-8)
105
REFERENCES
[1] G. Aggelou, “Mobile Ad Hoc Networks: From Wireless LANs to 4G Networks”,
McGraw Hill, 2005.
[2] D. R. Vaman, “Complexities of Ad Hoc Wireless Network Architectures and Their
Dual Use Capabilities for Multi-Service QoS Assured Applications”, IEEE Conference
on Enabling Technologies for Smart Appliances, January, 2005, Invited Talk.
[ 3 ] J. Sun, “Mobile Ad Hoc Networking: An Essential Technology for Pervasive
Computing”, International Conferences on Infotech & Infonet, 2001, pp. 316-321.
October 2001.
[4] C. Chong, S. P. Kumar, “Sensor Networks: Evolution, Opportunities, and Challenges”,
Proceedings of the IEEE, Vol. 91, No. 8, pp. 1247-1256, August 2003.
[5] C. Murthy, B.S. Manoj, “Ad Hoc Wireless Networks: Architectures and Protocols”,
Prentice Hall, 2004.
[6] D. R. Vaman, “ARO CeBCom Annual Technical Report, 2006”, submitted to the US
Army Research Office, August 2006.
[ 7 ] C. Perkins, P. Bhagwat, “Highly dynamic Destination Sequenced Distance-
Vector(DSDV) for mobile computers”, SIGCOMM Conference on Communications
Architecture, Protocols and Applications, pp. 234-244, August 1994.
[8] S. Murthy, J. J. Garcia-Luna-Aceves, “An Efficient Routing Protocol for Wireless
Networks”, ACM Mobile Networks and Applications Journal, Special issue on Routing in
Mobile Communication Networks, Vol. 1, No. 2, pp. 183-197, October 1996.
[9] J. J. Garcia-Luna-Aceves, M. Spohn, “Source-tree routing in wireless networks”, The
7th International Conference on Network Protocols (ICNP), pp. 273-282, Novermber
1999.
[10] T. Clausen, P. Jacquet, “Optimized link state routing protocol”,
http://www.ietf.org/rfc/rfc3626.txt.
106
[ 11 ] D. B. Johnson, D. A. Maltz, “Dynamic Source Routing in Ad Hoc Wireless
Networks”, Mobile Computing, Chap. 5, pp. 153-181, Kluwer Academic Publishers,
1996.
[12] C. Perkins, “Ad Hoc On Demand Distance Vector (AODV) routing”, Internet-Draft,
draft-ietf-manetaodv-spec-00.txt, November 1997.
[13] V. Park, M. Corson, “Temporally-Ordered Routing Algorithm (TORA): Version 1
Functional Specification”, Internet-Draft, IETF, July 2001. draft-ietf-manet-tora-
spec04.txt.
[14] Y. Ko, N. H. Vaidya, “Location-aided routing (LAR) in mobile ad hoc networks”,
The 4th annual ACM/IEEE International Conference on Mobile Computing and
Networking, pp. 66-75, October 1998.
[15] C. Toh, “Associativity-Based Routing for Ad-Hoc Mobile Networks”, Wireless
Personal Communications, Vol. 4, No. 2, pp. 1-36, March 1997.
[16] R. Dube, C. D. Rais, K.-Y. Wang, S. K. Tripathi, “Signal stability based adaptive
routing (SSA) for ad-hoc mobile networks”, IEEE Personal Communications, pp. 36-45,
February 1997.
[17] S. Lee, M. Gerla, “Split Multi-path Routing with Maximally Disjoint Paths in Ad
Hoc Networks”, IEEE International Conference on Communications, pp. 3201-3205,
May 2001.
[18 ] L. Wang, Y. Shu, M. Dong, L. Zhang, O. Yang, “Adaptive Multi-path Source
Routing in Ad hoc Networks”, IEEE International Conference on Communications, pp.
867-871, June 2001.
[19] M. K. Marina, S. R. Das, “On-demand Multi-path Distance Vector Routing in Ad
Hoc Networks”, the Ninth International Conference for Network Protocol, pp. 14-23,
November 2001.
[20] Z. Ye, S. V. Krishnamurthy, S. K. Tripathi, “A Framework for Reliable Routing in
Mobile Ad Hoc Networks”, IEEE INFOCOM 2003, pp. 270-280, April 2003.
[21] Z. J. Haas, M. R. Pearlman, “The Zone Routing Protocol (ZRP) for Ad Hoc
Networks”, Internet-Draft, draft-ietf-manet-zone-zrp-02.txt, July 2002.
[22] C. Chiang, “Routing in Clustered Multihop, Mobile Wireless Networks with Fading
Channel”, IEEE Singapore International Conference on Networks, pp.197-211, Apr.1997.
[23] M. Jiang, J. Li, Y.C. Tay, “Cluster based routing protocol(CBRP)”, Internet Draft,
MANET working group, dralt-ietf-manet-cbrp-spec-0 I .txt, Aug. 1999.
107
[24] A. Iwata, C. Chiang, G. Pei, M. Gerla, T. Chen, “Scalable routing strategies for ad
hoc wireless networks”, IEEE Journal on Selected Areas in Communication, Vol. 17, No.
8, pp. 1369–1379, August 1999.
[25] S. Singh, M. Woo, C. S. Raghavendra, “Power-Aware Routing in Mobile AdHoc
Networks”, IEEE International Conference on Mobile Computing and Networking, pp.
181-190, October 1998.
[ 26 ] C. K. Toh, “Maximum Battery Life Routing to Support Ubiquitous Mobile
Computing in Wireless Ad hoc Networks”, IEEE Communication Magazine, Vol. 39, No.
6, pp. 138-147, June 2001.
[27] M. Maleki, K. Dantu, M. Pedram, “Power-aware source routing protocol for mobile
ad hoc networks”, The 2002 International Symposium on Low Power Electronics and
Design, pp. 72-75, August 2002.
[ 28 ] Qi Qu, L. B. Milstein, D. R. Vaman, "Distributed Power and Scheduling
Management for Mobile Ad Hoc Networks with Delay Constraints", Military
Communications Conference, pp. 1-7, October 2006.
[29] S. Narayanaswamy, V. Kawadia, R. S. Sreenivas, P. R. Kumar, “Power control in
ad-hoc networks: Theory, architecture, algorithm and implementation of the COMPOW
protocol”, European Wireless Conference, pp. 156-162, February 2002.
[ 30 ] W. Heinzelman, A. Chandrakasan, H. Balakrishnan, “Energy-efficient
communication protocol for wireless sensor networks”, The Hawaii International
Conference System Sciences, pp. 449-454, January 2000.
[31] A. Yener, S. Kishore, “Distributed Power Control and Routing for Clustered CDMA
Wireless Ad Hoc Networks”, IEEE Vehicular Technology Conference, pp. 2951-2955,
September 2004.
[32] M. Younis, M. Youssef, K. Arisha, “Energy-Aware Routing in Cluster-Based Sensor
Networks”, IEEE/ACM International Symposium on Modeling, Analysis and Simulation
of Computer and Telecommunication Systems (MASCOTS2002), pp. 129-136, October
2002.
[ 33 ] S. Chen, K. Nahrstedt, “Distributed Quality-of-Service Routing in Ad Hoc
Networks”, IEEE Journal on Selected Areas in Communications, Vol.17, No.8, pp.1488-
1505, August 1999.
[34] L. Chen, W. Heinzelman, “QoS-Aware Routing Based on Bandwidth Estimation for
Mobile Ad Hoc Networks”, IEEE Journal on Selected Areas in Communications, Vol.23,
No.3, pp.561-572, March 2005.
108
[35] A. Alwan, “Adaptive Mobile Multimedia Networks”, IEEE PCS Magazine, Vol. 3,
No. 2, pp. 34-51, April 1996.
[36] A. Srinivas, E. Modiano, “Minimum Energy Disjoint Path Routing in Wireless Ad-
Hoc Networks”, The Annual International Conference on Mobile Computing and
Networking, pp.122-133, September 2003.
[37] A. Tsirigos, Z.J. Haas, “Analysis of Multi-path Routing - Part I: The Effect on the
Packet Delivery Ratio”, IEEE Transactions on Wireless Communications, Vol. 3, No. 1,
pp. 138-146, January 2004.
[38] A. Tsirigos, Z.J. Haas, “Analysis of multi-path routing - part II: mitigation of the
effects of frequently changing network topologies”, IEEE Transactions on Wireless
Communications, Vol. 3, No. 2, pp. 500-511, March 2004.
[39] Y. Hu, D. B. Johnson, A. Perrig, “SEAD: Secure Efficient Distance Vector Routing
for Mobile Wireless Ad Hoc Networks”, The 4th IEEE Workshop on Mobile Computing
Systems & Applications (WMCSA 2002), pp. 3-13, June 2002.
[40] Y. Hu, A. Perrig, D. B. Johnson, “Ariadne: A secure On-Demand Routing Protocol
for Ad hoc Networks”, The Annual International Conference on Mobile Computing and
Networking, pp. 12-23, September 2002.
[41] P. Papadimitratos, Z. J. Haas, “Secure Routing for Mobile Ad hoc Networks”, SCS
Communication Networks and Distributed Systems Modeling and Simulation Conference
(CNDS 2002), pp. 193-204, January, 2002.
[42] K. Sanzgiri, B. Dahill, B. N. Levine, C. Shields, E. M. Belding-Royer, “A Secure
Routing Protocol for Ad Hoc Networks”, IEEE International Conference on Network
Protocols (ICNP'02), pp. 78-87, November 2002.
[43] M. G. Zapata. “Secure Ad hoc On-Demand Distance Vector (SAODV) Routing”,
IETF Internet Draft, draft-guerrero-manet-saodv-00.txt, August 2001.
[44] H. Lin, Y. Huang, T. Wang, “Resilient Cluster-Organizing Key Management and
Secure Routing Protocol for Mobile Ad Hoc Networks”, IEICE Transactions
Communications, Vol.E88–B, No. 9, Semptember 2005.
[45] M. Bechler, H.J. Hof, D. Kraft, F. Pahlke, L. Wolf, “A Cluster-Based Security
Architecture for Ad Hoc Networks”, IEEE INFOCOM 2004, pp. 2393-2403, March 2004.
[46] V. Varadharajan, R. Shankaran, M. Hitchens, “Security for cluster based ad hoc
networks”, Computer Communications, Vol.27, No. 5, pp.488-501, March 2004.
109
[47] R. Poosarla, H. Deng, A. Ojha, D. P. Agrawal, “A cluster based secure routing
scheme for wireless ad hoc networks”, IEEE International Conference on Performance,
Computing, and Communications, pp. 171-175, April 2004.
[48] B. Schneier, “Applied Cryptography: Protocols, Algorithms, and Source Code in C”,
2nd Ed, John Wiley & Sons, 1996.
[ 49 ] D. Chaum, “Untraceable Electronic Mail, Return Addresses, and Digital
Pseudonyms”, Communications of the ACM, Vol.24, No.2, pp. 84-90, February 1981.
[ 50 ] R. Sherwood, B. Bhattacharjee, A. Srinivasan, “P5: A Protocol for Scalable
Anonymous Communication”, IEEE Symposium on Security and Privacy, pp. 58-70,
May 2002.
[51] M. K. Reiter, A. D. Rubin, “Crowds: anonymity for Web transactions”, ACM
Transactions on Information and System Security (TISSEC), Vol.1, No. 1, pp.66 - 92,
November 1998.
[52] A. Boukerche, K. El-Khatib, L. Xu, L. Korba, “SDAR: A Secure Distributed
Anonymous Routing Protocol for Wireless and Mobile Ad Hoc Networks”, The 29th
Annual IEEE International Conference on Local Computer Networks (LCN’04), pp. 618-
624, November 2004.
[53] J. Kong, X. Hong, M. Gerla, “ANODR: ANonymous On Demand Routing with
Untraceable Routes for Mobile Ad-hoc Networks”, ACM International Symposium on
Mobile Ad Hoc Networking & Computing (MobiHoc 2003), pp. 291-302, June 2003.
[ 54 ] M. Reed, P. Syverson, D. Goldschlag, “Anonymous Connections and Onion
Routing”, IEEE Journal on Selected Areas in Communication Special Issue on Copyright
and Privacy Protection, Vol. 16, No. 4, pp. 482-494, May 1998.
[55] B. Zhu, Z. Wan, M. S. Kankanhalli, F. Bao, R. H. Deng, “Anonymous Secure
Routing in Mobile Ad-Hoc Networks”, The 29th Annual IEEE Conference on Local
Computer Networks (LCN), pp. 102-108, November 2004.
[ 56 ] Y. Zhang, W. Liu, W. Lou, “Anonymous communications in mobile ad hoc
networks”, IEEE INFOCOM 2005, pp. 1940-1951, March 2005.
[ 57 ] S. Capkun, J. Hubaux, M. Jakobsson, “Secure and Privacy-Preserving
Communication in Hybrid Ad Hoc Networks”, EPFL Tech. Report, January 2004.
110
[58] C. Comaniciu, H.V. Poor, “QoS Provisioning for Wireless Ad Hoc Data Networks
(invited paper)”, The 42nd IEEE Conference on Decision and Control, pp. 92-97,
December 2003.
[59] J. Liu, X. Hong, J. Kong, Q. Zheng, N. Hu, and P. Bradford, “A Hierarchical
Anonymous Routing Scheme for Mobile Ad-Hoc Networks”, IEEE Military
Communications Conference, pp. 1-7, October 2006.
[60] http://standards.ieee.org/getieee802/download/802.11-1999.pdf
[61] L. Qian, N. Song, D. R. Vaman, X. Li, Z. Gajic, “Joint power control and maximally
disjoint routing for reliable data delivery in multihop CDMA wireless ad hoc networks”,
IEEE Wireless Communications and Networking Conference, pp. 300-306, April 2006.
[62] L. Qian, D.R. Vaman, N. Song, “QoS-Aware Maximally Disjoint Routing in Power
Controlled Multihop CDMA Wireless Ad Hoc Networks”, EURASIP Journal on
Wireless Communications and Networking 2007, Special issue on Wireless Mobile Ad
Hoc Networks.
[63] R.L. Cruz, A. Santhanam, “Optimal Routing, Link Scheduling and Power Control in
Multi-hop Wireless Networks”, IEEE INFOCOM 2003, pp.702-711, May 2003.
[ 64 ] R. Berry, E. Yeh, “Cross-Layer Wireless Resource Allocation”, IEEE Signal
Processing Magazine, pp. 59-68, September 2004.
[ 65 ] D. Bertsekas, J. Tsitsiklis, “Parallel and Distributed Computation: Numerical
Methods”, Prentice Hall, 1989.
[66] R. Yates, “A Framework for Uplink Power Control in Cellular Radio Systems”,
IEEE Journal on Selected Areas in Communications, Vol.13, No.7, pp.1341-1348,
September 1995.
[67] L. Qian, N. Song, D. R. Vaman, X. Li, Z. Gajic, “Power Control and Proportional
Fair Scheduling with Minimum Rate Constraints in Clustered Multihop TD/CDMA
Wireless Ad Hoc Networks”, IEEE Wireless Communications and Networking
Conference, pp. 763-769, April 2006.
[ 68 ] A. Alwan, “Adaptive Mobile Multimedia Networks”, IEEE Personal
Communications, Vol. 3, No. 2, pp. 34-61, April 1996.
[69] G. Stüber, “Principles of Mobile Communication”, Kluwer Academic Publishers,
2001.
111
[70] L. Qian, N. Song, X. Li, "Secure Anonymous Routing in Clustered Multihop
Wireless Ad Hoc Networks", IEEE Information Sciences and Systems 2006, pp. 1629-
1634, March 2006.
[71] L. Qian, N. Song, X. Li, “SARC: Secure Anonymous Routing for Cluster based
MANET”, Wireless Communications Research Trends, Nova Science Publishers, to
appear.
[72] R. Song, L. Korba, G. Yee, “AnonDSR: Efficient Anonymous Dynamic Source
Routing for Mobile Ad-Hoc Networks”, The 2005 ACM Workshop on Security of Ad Hoc
and Sensor Networks (SASN 2005), pp. 32-42, November 2005.
[73] http://www.eskimo.com/~weidai/benchmarks.html.
[74] A. Serjantov, G. Danezis, “Towards an information theoretic metric for anonymity”,
Privacy Enhancing Technologies (PET), pp. 259-263, April 2002.
[75] C. Diaz, “Anonymity Metrics Revisited”, DAGSTUHL Seminar on Anonymous
Communication and its Applications, September 2005.
[76] F. Digham, M. Alouini, “Variable-Rate Noncoherent M-FSK Modulation for Power
Limited Systems Over Nakagami-Fading Channels”, IEEE Transactions on Wireless
Communications, Vol. 3, No. 4, pp. 1295-1304, July 2004.
[77] Y. Zhang, W. Lee, Y. Huang, “Intrusion detection techniques for mobile wireless
networks”, Wireless Networks, Vol. 9, No. 5, pp. 545–56, September 2003.
[78]A. Mishra, K. Nadkarni, A. Patcha, “Intrusion detection in wireless ad hoc networks”,
IEEE Wireless Communications, Vol. 11, No. 1, pp. 48 - 60, February 2004.
[79] L. Qian, N. Song, X. Li, "Detection of Wormhole Attacks in Multi-path Routed
Wireless Ad Hoc Networks: A Statistical Analysis Approach", Journal of Network and
Computer Application, Vol 30, No. 1, pp. 308-330, January 2007.
[80] G. Foschini, Z. Miljanic, “A simple distributed autonomous power control algorithm
and its convergence”, IEEE Transactions on Vehicular Technology, vol.42, No.4, pp.
641-646, November 1993.
[81] D. Mitra, “An asynchronous distributed algorithm for power control in cellular radio
systems”, The 4th WINLAB Workshop of 3rd Generation Wireless Information Networks,
pp. 177-186, October 1993.
112
CURRICULUM VITAE
EDUCATION
• Jan 2004 – August 2007 Ph. D. Degree in Electrical Engineering, Department
of Electrical and Computer Engineering, Prairie View A&M University.
• Sept 1995 - April 1998 M.S. Degree in Applied Mathematics, University of
Science and Technology, Beijing, P.R.CHINA
• Sept 1991 - July 1995 B.E. in Electrical Engineering, University of
Technology, Wuhan, P.R.CHINA
EXPERIENCES
• Jan 2004 - Present: Research Assistant, ARO Center for Battlefield
Communications (CeBCom) Research, Department of ECE, Prairie View A&M
University
• July 2001 - Feb. 2003: Senior Engineer of iTrusChina Co., Ltd
(www.itrus.com.cn)
• Dec 1999 - June 2001: Senior Engineer, Datatrust Information Technologies Co.,
Ltd
• April 1998 - November 1999: Software Engineer, Beijing HuaGuang Electronic
Co., Ltd
PUBLICATIONS
• Refereed Conference Papers
1. Ning Song, Lijun Qian and et. al, “Wormhole Attacks Detection in Wireless
Ad Hoc Networks: A Statistical Analysis Approach”, in Proceeding of The
1st International Workshop on Security in Systems and Networks (SSN 2005),
Apr 2005.
2. Lijun Qian, Ning Song, and et. al, “Detecting and locating wormhole attacks
in wireless ad hoc networks through statistical analysis of multi-path”, in
Proceeding of IEEE Wireless Communications and Networking Conference
(WCNC 2005), New Orleans, LA.
3. Lijun Qian, Ning Song, Dhadesugoor R. Vaman, and et. al, “Joint Power
Control and Maximally Disjoint Routing for Reliable Data Delivery in
Multihop Wireless Ad Hoc Networks”, in Proceeding of IEEE Wireless
Communications and Networking Conference (WCNC 2006), Apr 2-6, Las
Vegas, NV.
113
4. Lijun Qian, Ning Song, Dhadesugoor R. Vaman, and et. al, “Power Control
and Proportional Fair Scheduling with Minimum Rate Constraints in
Clustered Multihop TD/CDMA Wireless Ad Hoc Networks”, in Proceeding
of IEEE Wireless Communications and Networking Conference (WCNC
2006), Apr 2-6, Las Vegas, NV.
5. Lijun Qian, Ning Song, and et. al, “Secure Anonymous Routing in Clustered
Multihop Wireless Ad Hoc Networks”, in Proceeding of IEEE Conference
on Information Sciences and Systems (CISS 2006), Mar 22-24, Princeton, NJ.
• Refereed Journal Papers
6. Lijun Qian, Ning Song, and et. al, "Detection of Wormhole Attacks in Multi-
path Routed Wireless Ad Hoc Networks: A Statistical Analysis Approach",
Journal of Network and Computer Applications, vol.30, pp.308-330, 2007.
7. Lijun Qian, Dhadesugoor R. Vaman, and Ning Song, "QoS-Aware
Maximally Disjoint Routing in Power Controlled Multihop CDMA Wireless
Ad Hoc Networks", EURASIP Journal on Wireless Communications and
Networking, special issue on Wireless Mobile Ad Hoc Networks, to appear.
8. Ning Song, Lijun Qian, and Dhadesugoor R. Vaman, “Energy Efficient QoS
Routing in Cluster based MANET”, IEEE Communications (Submitted).
• Book Chapter
9. Lijun Qian, Ning Song, and et. al, “SARC: Secure Anonymous Routing for
Cluster based MANET”, book chapter in Wireless Communications
Research Trends, Nova Science Publishers, to appear.