A Fuzzy QOS Key Base Secured MANET Routing with Multipath ...

Manjunath Gadiparthi,Ramakrishna Paladugu,Sudhakar Paladugu,Muralidhar Vejendla Int. J. Comp. Tech. Appl., Vol 2 (3),655-665 

ISSN:2229-6093 

A Fuzzy QOS Key Base Secured MANET Routing with Multipath Data 

Fragmentation (FQKSMR) 

Manjunath Gadiparthi * , Ramakrishna Paladugu ** , Sudhakar Paladugu # and Muralidhar Vejendla ## 

* Head, Dept. of CSE, Jawaharlal Nehru Institute of Technology, Hyderabad. 

** Associate Professor, Department of CSE in Jawaharlal Nehru Institute of Technology, Hyderabad. 

# Assistant Professor, Department of CSE in Jawaharlal Nehru Institute of Technology, Hyderabad. 

## Assistant Professor in Department of CSE, Tenali Engineering Collge, Tenali. 

* gmanjunathc2000@yahoo.co.in, ** ramakrishna18.paladugu@gmail.com, # mails4sudhakar@gmail.com and 

## vmdharesearch@gmail.com 

Abstract 

MANET or Mobile Adhoc Network has drawn 

considerable research attention and application over 

the last few years. With the increase of applicability, 

and adaptability of the network in Private virtual 

network or wireless personal area network, the attacks 

and intrusion of MENT data has also increased which 

has lead to design various protocol extensions over the 

conventional 802.11 MAC security extensions for 

providing more security to such a network. MANET 

sessions are generally short and busty which requires 

the security extension to be designed in such a manner 

that the keys are short lived and refreshed frequently in 

order to make it impossible for intruder to hack any 

data. Therefore conventional public key cryptography 

with centralized key distribution mechanisms are not 

well suited for MANET. Therefore in this work we 

propose a unique decentralized dynamic key generation 

and security extension for MANET where keys are 

generated depending upon the state of a node and it’s 

link status like its energy, relative mobility, QOS 

parameters like delay, bandwidth, power loss based on 

fuzzy inference rule set. This key is further combined 

with a user level password for authentication and digital 

content encryption. As the state of the nodes differs 

almost in every session and sometimes in the middle of a 

session, hacking such key is theoretically “impossible” 

as the key refresh time is minimum here. The proposed 

technique is simulated with OMNET++ environment. 

Result shows significant proof of real time adaptability 

of the technique. 

Keywords—Fuzzy, MANET, QOS, Multipath, Security, Key 

Management. 

1. Introduction 

Mobile Adhoc Network is an infrastructure less 

network where nodes exchange data and packets 

through intermediate nodes. The directed set of 

intermediate nodes through which a source and 

destination pair exchange message is known as a route. 

The process of route building can be both proactive and 

reactive. Due to mobility of the nodes a preformed route 

may not service the end nodes well. Therefore most of 

the works consider reactive or on demand routing as the 

best solution for MANET. The route building process is 

shortly explained below to understand the security 

concerns in MANET. 

a) Each Node broadcasts a periodic hello message to 

its neighbors which contains its id, so that neighbors can 

build a routing table entry for this node. This node is 

periodic with 3 seconds is considered as most optimized 

refresh rate of the packets. 

b) A source node broadcasts RREQ message with the 

source and the destinations IDs. Each intermediate node 

checks whether the destination has a valid path or not. If 

so, they generate a RREP packet or they update a 

precursors list which is the path list from which the 

RREQ packet has traversed. Also it stores the ID of the 

RREQ and any subsequent RREQ from any other path is 

dropped. 

c) Once the packet reaches to the destination, 

destination generates RREP packet and unicast it 

through the path it had received the RREQ. All the nodes 

from destination to the source which are included in the 

RREP packets makes a table entry in the precursors list 

and they know that they will be part of communication 

path from source to destination. 

655


ISSN:2229-6093 

d) Once the packet reaches to the source node, source 

note the path and generates acknowledgement packet 

which traverses through the intermediate node till the 

destination to inform it that a route is build and that the 

data packets are to be followed. 

e) Data transmission follows from source to 

destination through the nodes which are included in path 

cache during route building phase. 

The steps are more clearly explained in [1]. Now let us 

analyze the security loopholes of MANET and possible 

attacks by considering a sample topology as 

demonstrated in figure 1 which comprises of both 

authenticated and non authenticated nodes. 

Figure 2. Radio Range of the nodes. Also 

Showing an Impersonating node receiving a 

Hello Message. 

Figure 1. Initial node distribution in MANET 

topology. 

Green nodes are the valid node and Red nodes are unauthenticated 

impersonating nodes. 

Figure 3. A valid Route formed through 

authentic nodes. 

Figure4. A path build through node 3 which is 

non authenticated node. 

656


ISSN:2229-6093 

From figure 2 it is clear that control messages like 

RREQ and hello packets are received by all the nodes, 

including the authenticated nodes which lead to their 

inclusion in the path as shown in figure 4. Also a close 

observation of the topology in figure 1 and figure 4 

reveals that the MANET topology changes frequently 

due to node movement and the neighborhood of the 

nodes also changes with that. Therefore in a single 

session there may have to form more than one path from 

source to destination. Thus the observation leads to 

following criteria for secured MANET environment. 

a) Nodes must be pre-authenticated and that that each 

node must know the authenticity of all the other nodes in 

their neighborhood 

b) RREQ packets must be encrypted so that only 

authenticated nodes can read the header and therefore 

only authenticated nodes can include them in the path. 

c) Key must be refreshed frequently in order to avoid 

guessing. This is because wireless impersonating nodes 

will receive many messages in the wireless environment 

that leads to significant database for guessing the key. 

d) The initial authentication must be fast for fast route 

building process. 

In order to understand the possible framework for 

achieving the objectives in MANET security, we will 

first analyze the past works and proposals in Literature 

Survey in section II. The findings and discussions of this 

section will be used as a background for proposed 

technique which is presented in section III. Detailed 

methodology with discussion is presented in section IV. 

Detailed Simulation environment, settings and procedure 

is elaborated in section V. The proposed work is 

analyzed through the obtained results in the result 

section of VI. Lastly the work is concluded with 

discussions about the findings, improvement achieved 

through proposed work and further improvement 

possible as a future direction. 

2. Literature Review 

Charles Perkins [1] introduced the fundamental 

concept of MANET and emphasized on demand routing 

protocol AODV. The paper introduces various aspects 

and stages of on demand routing and the common 

packets and events associated with the routing. The 

paper forms the fundamental base of understanding the 

actual model of security aspects in MANET. 

Understanding of route discovery structure and the 

various layer’s role in MANET provides a better 

foundation to understand the loopholes and attacks on 

MANET that can be addressed through new security 

extensions or modified version of the existing extensions. 

Hao Yang et al. [2] identifies the basic problem of 

MANET for offering a security to the traffic. Unlike the 

wired network, there is no fixed routers in MANET, 

which makes it impossible for monitoring and 

administrating the security of the network. The wireless 

channel is accessible by both legitimate and non 

legitimate nodes. Therefore [2] suggests that the security 

protocol in MANET must be divided into both proactive 

and reactive techniques where proactive techniques is 

the preventive measure where as reactive methods 

incorporates techniques like intrusion detection for 

detecting the attacks in the network. It also emphasizes 

on the fact that adding security features also adds 

overhead in communication and computation. Walking 

on this discussion ZhengMing Shen [3] claims that QOS 

and Security are two integral part of MANET and 

security extensions must not affect the desired QOS of 

MANET. Papadimitratos [4] models a noval framework 

for demonstrating malicious disruption in data 

transmission and simulates secured message transmission 

over secured single path. The protocols are tested with 

tolerable delay and data delivery rate variations and the 

results lays the foundation of the theory that security 

extensions, if designed appropriately never affects the 

overall quality of service to a great deal. The 

understanding of more fundamental problems for 

offering better security solutions for MANET is 

attributed by factors like change in topology, 

co-operative nature of the routing which both violates 

the basic principal of security systems[5]. Though 

technically there are various different attacks possible at 

different layers and different types of services in 

MANET, Eavesdropping and Traffic analysis of Physical 

layer attacks, Balckhole and Spoofing attacks of 

network layer are the most significant ones that desire 

strong security protocol to be incorporated in order to 

prevent impersonation, Pradip M.[6]. In order to bring 

network monitoring into play in the dynamic MANET 

architecture, intermediate nodes must be given the 

responsibility of detecting attacks in a route. This scheme 

is presented by Kathirvel[7] where a node is given the 

responsibility of forwarding as well as monitoring or 

“umpiring”[15]. But the type of attack for which the 

system is designed are modifying the hop counts and 

dropping packets. The severe most problem as discussed 

is the eavesdropping. Therefore though the technique 

presents a framework and algorithm suitable for 

understanding the basic sequence of security system, the 

results can not be accepted without really checking the 

response against intrusive and impersonating nodes. [8] 

657


ISSN:2229-6093 

proposes a secured routing protocol on the background 

of Ashokan [9] who argues that secured key exchange in 

MANET is one of the most practical ways of ensuring 

security to the network functionality because the end 

nodes are trust worthy and at the time of deployment 

may decide about the key and should be able to 

authenticate each other. The main disadvantage of the 

solution is that key is considered to be persistent 

throughout the session which gives significant guessing 

time to the eavesdropping nodes. We have shown in our 

prior work[10] as how to develop a model for secured 

routing in MANET with automatic key refreshing. We 

have also demonstrated that such frequent changes of 

keys do not affect the network parameters by great deal. 

The key distribution technique for MANET was 

proposed long back in 1999 by Lidong Zhou[11]. But 

the system model is based on configuring special key 

distributing nodes called servers. MANET is widely 

accepted due to its decentralized nature. Therefore 

public key cryptography with centralized key distribution 

can not be considered as the best scheme for MANET 

security. Though authors have proposed a mechanism of 

decentralizing the key distribution process as the 

communicant is progressed, such a scheme do not fit into 

original system model of MANET. Therefore we 

emphasize on developing a scheme where the keys are 

refreshed periodically and automatically and without any 

need of key distribution mechanism. The idea of 

centralized security has not been rejected entirely though 

many papers have proposed a decentralized method; key 

distribution is argued and accepted as a centralized 

problem with secured infrastructure [19]. But the 

distribution center and security monitoring points are 

checked through special nodes which are dynamically 

selected in the beginning of a MANET session and are 

periodically updated. Such nodes are called cluster 

heads. Many papers[12],[13],[14] adopt this approach 

for security extensions in MANET. Clusters are not only 

responsible for key distribution but they can also be 

assigned with the responsibility of monitoring un desired 

behavior in MANET. Though as discussed early in the 

section, Srdjan Capkun et. al. [18] has also argued that 

MANET security mechanisms must be decentralized and 

at best should be node-to-node basis. In the papers 

authors have demonstrated a time bound key generation 

and authentication techniques whereby a source node 

authenticates the certificate of another node. The paper 

lay significant foundation in understanding how exactly a 

key trust lifetime be adopted and how should be initial 

trust model amongst the nodes. 

Shuyao Yu et al. [16] presents the entire security 

extension in MANET as a structured top down layer 

approach and divides the main operations into five 

categories: SL5 End-to-End Security,SL4 Network 

Security,SL3 Routing Security,SL2 Communications 

Security, SL1 Trust Infrastructure. We focus on SL3 

and SL4 because the common de-facto of 802.11 

protocol is that it has a WEP extension through which it 

can guarantee security to wireless transmission. It is the 

data and user level security that is a major concern in 

building security applications for MANET. The basic 

loophole of MANET is the broadcast storm. Many 

important MANET packets are broadcasted which 

makes it very difficult to control the intrusion. Therefore 

Balakrishna[20] approach of restricting the broadcasting 

packet may be an important direction towards MANET 

security. Though the work is not meant to extend the 

security structure in MANET, it is a significant design 

where the nodes can select other nodes to whom they 

need to forward the packet rather than blindly putting 

broadcast address in the MAC packet of the control 

messages like the hello message and RREQ packet. But 

this paper also requires a temporary station called 

backbone. Therefore the work model do not suite the 

direction security model presented in this paper. 

Therefore rather than restricting the packets 

transmission, key exchange based mechanism is 

considered as the better option. But as pointed by Dr. 

Anil Kapil[21] the main problem with mutual trust model 

is that each node must remember (n-1) keys where n is 

the number of nodes in the network. As network 

increases, there is a need of updating n(n-1)/2 keys which 

is significantly time and bandwidth consuming. Though 

the basic model requires the initiation process to be done 

through a key distribution center, the significant 

improvement of the overall system over other 

mechanism is that once the trust model is build, the key 

distribution center can go offline and the keys are still 

updated. The key pairing protocol is explained in detail 

in[25]. Assuming that an initial security needs to be build 

before any communication begins, nodes need significant 

initial delay for trust building. Even after the trust 

building process is over through key exchange there 

needs to be a secured process for finding the route. 

Mamtha, Sharma[22] elaborates a unique type of routing 

attack in MANET. The intruder node once receives 

RREQ, floods the packets or rushes the packets to all the 

neighbors and incorporates itself in a route. Further all 

the packets are transmitted through this nodes which 

gets a chance of predicting the key if the key lifetime is 

long enough. Thus not only that the RREQ packets must 

also be encrypted, the key lifetime must also be small so 

658


ISSN:2229-6093 

that the intrusive nodes cannot add themselves frequently 

in the route. Based on Tseng[23] model authors in [24] 

proposes a node authentication scheme based on 

certificate revocation List(CRL) status check of the key 

distribution servers. 

3. Proposed Work 

There may be three types of nodes possible in the 

topology 1) Valid Nodes, 2) Nodes which are part of the 

authenticated network but not authenticated for 

participating in current data transmission, 3) Nodes 

which are unauthenticated for the network. Most of the 

security extensions consider only node type 3 as threat. 

Such nodes are eliminated through an initial key 

exchange which is derived from a preloaded hash table. 

The second category of nodes is more challenging with 

respect to the network security perspective. In this work, 

the treat elimination of category 2 nodes is achieved 

through a second category of key that we propose in this 

work. This is called a QOS Fuzzy[31] key. This is 

generated from the QOS parameters in a node. The 

considered parameters are Residual Energy of a 

Node[26], Average Received Power[28], Relative 

Mobility[28], Residual Bandwidth[30], Average 

Observed Delay[29], Average MAC queue size. The key 

is generated from a binary sequence of the state of the 

parameters, resolved through Fuzzy as High, Low and 

Medium. The generated key is used to encrypt the packet 

header of both data and control packet. As the state of 

the impersonating nodes varies very rapidly, the key of 

the node also varies, which eliminates it from the routing 

entity. Further in order to achieve the more security a 

multipath approach[27] is adopted which prevents the 

entire data being exposed to the intermediate nodes. 

4. Methodology 

We divide the overall system into following 

sub-problem and present the security extension in each 

stage. 

a) Initial Authentication of the Nodes: In this work we 

consider the deposition of a Hash table in each valid 

nodes belonging to the network. The hash table contains 

several hash values in a matrix format. The sample 

matrix is as shown in table1 similar to [17]. 

Table 1. Hash Table containing Hash Values in 

the nodes (Actual Structure of 512-512 Hash 

values) 

H11 H12 H13 H14 

H21 H22 H23 H24 

H31 H32 H33 H34 

H41 H42 H43 H44 

The hash table is generated from a hash function 

which converts the set of {node ID range, IP address 

Subnet mask, MAC address range} to hash function and 

uses a discrete random function for generating and 

randomizing the same. If it is assumed that all the valid 

nodes of the network are preloaded with the proposed 

protocol suite then each node with come on board with 

the hash values. 

Initially as nodes exchange hello message. In the 

hello message, the node IDs and hop fields are appended. 

The initial hello message is incorporated with a cipher 

generated from user level password which is assumed to 

have been distributed amongst the nodes which are 

authenticated for transmission. This cipher text is 

encrypted with a random hash from the hash table. Once 

a node receives the message, it tries to decode the 

message with all possible combination of hashes from the 

table and matching the cipher text for each instance. This 

is time consuming and consumes a lot of computation 

cycle. To reduce the computation cycle, the hash value 

index is selected from a hash selection function which 

takes the common user password as input. 

This step reduces the search complexity to only 

single index search. Now the authenticated nodes can 

easily decipher the hello message and build the node ID. 

Type 2 of nodes cannot extract the actual hash because it 

does not know the initial password. Therefore it needs 

two steps for decoding. One search through all the hash 

values to select a particular hash. Even if it tracks the 

hash, it is not aware of the user level common password. 

Hence it cannot generate a valid hello message to embed 

itself in the routing table of the other nodes. As a worst 

case scenario, if the imposter somehow knows the initial 

password, it gets itself authenticated initially. Hence 

extreme caution must be adopted for this key exchange 

amongst the user. Nodes 3 are easily eliminated from the 

initial routing table. 

b) RREQ transmission phase and Route Building 

As First stage eliminates the node 3 type of node, the 

objective of the protocol is to eliminate the participation 

of node type 2 and authenticate and include only node 1. 

Most trusted end to end secured communication is 

carried out with the help of public key cryptography 

where each node maintains two pairs of keys: a public 

key and the private key. Transmitter encrypts the 

message with the public key and the receiver decrypts the 

message with the private key. As MANET routing must 

include intermediate node, the intermediate nodes must 

659


ISSN:2229-6093 

know the public key. As it is understood from our 

proposal that each of these type 2 nodes have a valid 

hash table and know the possible public key. Therefore 

there exists a possibility that any of the routing node acts 

as an imposter and gets an access of the data. Therefore 

the trick is to segment the data in such a way that all the 

nodes along a route do not get access to the entire 

message. Thus every node receiving the RREQ message 

forwards the RREQ message irrespective of its duplicate 

arrivals from other nodes and a node disjoint multipath 

route is developed such that the traffic is splitted 

amongst the nodes. Hence no node is exposed to entire 

set of data. Thus even though type 2 attacks are not 

entirely eliminated, they are minimized. Figure 5 shows a 

result of Node disjoint multipath route. 

Figure 5. Multipath from source to destination. 

Now most interesting de-facto in network security is 

that intruding nodes induce another type of attack known 

as jamming attack. Once a node starts listening to the 

packets that are not meant for this node , then outgoing 

packets suffer more delay due to increased wait in the 

queue in these nodes. Beside the nodes observes more 

packet drop and abrupt energy losses due to more 

computation in the process of intrusion. Most of the 

network adopts a separate intrusion detection model in 

order to detect such abrupt pattern. We introduce a new 

mechanism of maintaining a fuzzy state result at each 

node. The structure is as given below. 

Table 2. Proposed Structure 

Bandwidth Delay Energy Queue 

Size 

Relative 

Mobility 

Power 

Loss 

We develop a fuzzy inference system with following 

outputs 

VERY LOW, LOW, MEDIUM, HIGH, VERY 

HIGH 

Each of the matrices are associated with three type of 

input 

LOW, MEDIUM, HIGH 

Each authenticated nodes are loaded with a hash 

generation method that takes input as 7 byte characters 

generated from the input fuzzy set. 

LLHMML sequence is generated for low bandwidth, 

low delay, high energy, medium queue size, medium 

relative mobility and low power loss. The source node 

encrypts the RREQ packet with the generated hash from 

the desired set of values. As RREQ packet is received by 

a node, the node generates the hash from its own state of 

information and decrypts the RREQ. If the RREQ is 

decrypted successfully, a node forwards the packet. For 

type 3 node, decrypting the control message is widely 

difficult and thus it does not know the basic information 

of the message passing. 

Selected nodes when participate in the routing, the 

packet headers are encrypted with the hash key 

generated from the initial structure, where as the data is 

encrypted with the public key of the network which is a 

randomly selected initial hash value. 

c) Effect of impersonating on the QOS state and the 

Fuzzy Key 

If a node in the route decides to impersonate, its 

energy goes down very fast, queue size decreases, node 

suffer more power loss which changes its QOS state very 

fast. Therefore further packet header which are to be 

routed through this nodes are not routed which shoots 

up an route error packet that leads to route error. 

5. Simulation 

Algorithm 

1) Set up a network with N mobiles Nodes. The 

nodes are spread over axb square meter area. ( Here we 

have considered 550x550 sq meter area for 

simulation).Assign mobility for the nodes. Select the 

speed(v) between 2m/s to 3m/s. Select the mobility 

model as Random way point algorithm. Position of each 

not is represented as a point P(x,y).Initialize the load( 

4096 packets/s, each packet of size 512 bytes) 

Start the transmission and continue for t seconds. 

2) Random waypoint: 

For i=1:1:N 

a) Select a position P1[i] 

b) Move towards P1[i] with persistent speed v m/s. 

c) Update P[i] 

d) If(P[i]==P1[i]) 

Pause for pt milliseconds.// pt=pause time 

660


ISSN:2229-6093 

Goto (a) 

End 

update the co-ordinate values. 

End 

3) At MAC layer: 

Estimate the Received power of the packet PRx., 

Queue size of the MAC and Estimate Energy of 

underneath Physical Layer. 

a) If(MAC has the contention and) 

Forward the packets that are been sent by 

routing layer 

Else 

Iff MAC packet is authenticated 

i) Store the packets in Queue 

ii) wait for the channel access. 

End 

4) At Network Layer: 

At any node K: 

As any Message is Received: 

Bandwidth=Total_bandwidth- ((No of Bits to be 

transmitted)+(No of Bits Received)) 

Delay=Current_Time-Initial_time_stamp_in_message 

Generate HELLO Message, Encrypt with initial Hash 

Value. 

If( HELLO Packet is Received) 

{ 

Key=Hash_Table(user_password) 

Msg=Decrypt(msg,Key); 

If(isValid(msg)) 

{ 

Update_routing_table_entry(); 

Store powerLoss in the routing table. 

For(i=1:all the neighbors) 

{ 

Relative_Mobility(k,i)=(PowerLoss(I,k)_current-Po 

werLoss(I,k)_Prev) 

//Extract the sign of relative mobility 

If Relative_Mobility is +ve then both the nodes are 

approaching, is –ve then they are moving away. Else they 

are steady. 

} 

} 

} 

If(Application_Data_is_Received) 

{ 

If(k has a path to destination) 

{ 

If (there exists P path) 

{ 

Split DATA into P equal parts and 

transmit(EncryptedData(DATA,HashTable(Fuzzy_Desi 

red))) 

} 

Else 

{ 

transmit(EncryptedData(DATA,HashTable(Fuzzy_D 

esired))) 

through the first Path. 

} 

} 

//it needs to be transmitted to other node so generate 

RREQ. 

Fuzzy_in=FuzzyRule(Desired Bandwidth, Desired 

Delay, Desired Queue Size, Desired Energy, Desired 

Power Loss, Desired Relative Mobility) 

Key=Hash_Table(Fuzzy_in); 

RREQ=Encrypt(RREQ,Key); 

} 

If(RREQ is Received) 

{ 

Fuzzy_in=FuzzyRule(Desired Bandwidth, Desired 

Delay, Desired Queue Size, Desired Energy, Desired 

Power Loss, Desired Relative Mobility) 

Key=Hash_Table(Fuzzy_in); 

RREQ=Decrypt(RREQ,Key); 

If(isValid(RREQ)) // is valid checks the RREQ header 

{ 

If(k is not destination) 

{ 

UpdateRouteTable() 

Forward() 

} 

Else 

{ 

Generate_RREP 

Wait for another RREQ to arrive 

Generate_path_for_That_also 

} 

} 

} 

a) Generate beacon Packets to Neighbors 

b) Receive beacon packets forwarded by the 

Neighbors 

c) Prepare Routing table (ID, Hops, Energy) 

d) update Neighbors table 

e) if receiving node is coordinator 

if coordinator has finished receiving all beacons 

generate coordinator beacon 

end 

661


ISSN:2229-6093 

else 

increase the hop field value 

forward the packets. 

end 

e) If (RREQ is received) 

Current Node has Eneough Energy? 

Yes: Forward RREQ 

Update Route Information 

No: Drop RREQ 

End 

f) if(RREP is received) 

update route information. 

Forward to precursor node.// previous nodes 

Notify PAN Coordinator 

End 

g) if (a data packet is received for Application) 

forward to MAC layer 

Update Energy 

end 

h) if( Packet is received from MAC) 

forward to application layer 

end 

i) If( Control Message is received from the MAC) 

Generate RERR. 

Update Energy 

End 

5.At Physical Layer: 

As the packet is received, 

Find type of packet 

Change the Energy level according to equation (1). 

6. At the end of simulation, calculate throughput, 

latency, control overhead, packet delivery ratio. 

b) Simulation Setup 

The system is simulated with omnet3.3 in windows 

operating system. The basic specification is provided in 

detail in table 2. 

Table 3. Simulation Parameters 

Routing 

Multipath AODVM 

Channel Bandwidth 

11.2Mbit/s (IEEE 802.11b) 

Channel Delay 

0.0001 sec 

Channel Error rate 0.000001 

Channel data rate 

11.2 Mbit/s 

Channel Contention 

Mechanism 

slotted version of CSMA/CA 

channel access protocol. 

Node placement 

Random 

Mobility Model 

RWP, Rwalk 

Message packet size 

512 bytes(4096bits) 

Impersonating Nodes( type 2 30% 

and Type 3) 

Burst Interval 

Normally Distributed(2,1,0) 

Control Message Size 512 bytes(4096bits) 

Input Buffer Size 

8.38864e6 bits 

Radio Model 

Free Space Model 

Radio Range 

100 m 

Transmission Power 0.0756W 

Reception Power 0.0828W 

MAC Queue 

2 Mb 

Simulation Area 

500x500 m 

Maximum Node 10-100 

Beacon Interval 

10 Seconds 

Beacon Monitoring Timeout .1second 

SNR Threshold 

10dB 

c) Performance Metrics 

We measure different performance metrics. These 

performances are compared with standard AODV and 

triple umpiring based technique to analyze the 

performance of the proposed system. 

• End-to-End Delay: the time interval between the 

transmission of the packet by a source node and the 

reception at the sink. 

• Packet Loss: percentage of packets lost, as the ratio 

between the number of packets successfully received at 

the sink and all packets generated by the source node. 

• Control overhead: it is defined as number of control 

packets transmitted for every data packet delivered. 

Throughput: Throughput defines the amount of 

channel utilization by all nodes and is measured in 

MBPS. 

Network Lifetime: As the nodes communicate, they 

lose energy. When energy is bellow a minimum threshold 

level, the node dies and cannot participate in 

communication. The time interval from the start of 

simulation to the time when there exists at least one node 

for communication is called network lifetime. It it’s a 

quantities measure for energy efficiency. 

PauseTime: It is the time period between two 

subsequent movements in the mobility model of a node. 

Attacking Node Density: It is defined as Number of 

Malicious Node v/s Total Number of Nodes. 

Average Route Lifetime: This gives us an information 

about the duration of time for which a route has remain 

to be existed. The average value indicates the stability of 

the routes. 

Average Key change in type 2 Nodes: we observe the 

consecutive binary values at the impersonating nodes and 

plot a graph of rate of change of the keys in such nodes. 

Percentage of Data Acquired by Malicious Nodes: 

This is a measurement of amount of data being 

acquired by the malicious nodes which gives an 

662


ISSN:2229-6093 

indication of the sensitiveness of the algorithm towards 

detecting attack. 

6. Results 

Simulation parameters for all the simulation is as 

given bellow. 

Node=50,Speed=2m/s, Pause time=10s, Sim 

Time=4hour, Packet Rate=20p/sec. 

nodes are very high. Whether they are being decrypted 

or not is not the question here. The main observation is 

that triple umpiring significantly reduces the overall 

exposure. This is further improved by the proposed 

technique. 

Figure 6. Percentage of Malicious Nodes v/ 

control overhead 

Result 6 shows that as the density of malicious nodes 

varies, control overhead also increase. This is due to 

route refreshment and delay and pdr sensitivity of the 

network. Control Overhead is least in the proposed 

technique due to the presence of multiple paths. Hence 

RERR are not generated immediately and the 

transmission continues with existing paths. 

Figure 8. Network Life time performance 

against varying Malicious Nodes. 

Figure 8 is another prove of varying performance in 

the presence of malicious node. Network lifetime 

decrease significantly as such node increase due to many 

retransmission, packet drop and re-routing. Careful 

observation shows that the proposed technique has a 

better lifetime when the attack is severe where as if there 

are no attacks, the plain AODV has a better 

performance. This is also a prove that security extensions 

attributes for significant energy consumption in the 

nodes. 

Figure 9. Packet Delivery Ratio Performance in 

Various Malicious Node Presences. 

Figure 7. Percentage of Malicious Node v/s 

Percentage of Data Exposure to Malicious 

Nodes. 

Figure 7 is an interesting finding. Without any 

monitoring algorithm, data being exposed to malicious 

Figure 9 shows that packet delivery ration decreases 

with the increase in number of malicious nodes. The 

decrease in packet delivery ratio is minimized with the 

proposed technique because the proposed FQSMR by 

default is a QOS routing and it justifies that by improving 

the pdr performance. 

663


ISSN:2229-6093 

Figure 10. Route Lifetime of Different 

Techniques in the Presence of Different 

Malicious Nodes. 

Routes are sensitive to intrusions and attacks. This is 

shown in Figure 10. The route lifetime is significant in 

understanding the attack behavior in the network. The 

figure shows that the proposed FQKSMR technique is 

more sensitive to attacks than the other techniques. 

7. Conclusion 

There are various monitoring and security extension 

proposed over the years. Mostly the key management 

and QOS are considered as related entities. But no work 

has presented a QOS offering through the key 

management itself. Further Intrusion detection through 

network parameter monitoring is considered as a 

separate entity. In this paper we have shown that by 

generating the key from the QOS state of a node, one can 

not only extend the security of the network also at the 

same time guarantee QOS. The adaptation of Multipath 

routing further strengthens the security by minimizing 

the data exposure to malicious nodes. The system can be 

further improved by a hash function which not only can 

translate the Fuzzy Equal-Output to a key but also 

conditions like Greater-Than-Equal-To functions to 

keys. As the observation shows that network 

performance vastly degrades with attacks, nodes that 

provide good or better QOS must be incorporated. 

There bound to be performance variations if malicious 

nodes are present. 

8. References 

[1] C. Perkins and E Royer, “Ad Hoc On-Demand Distance 

Vector Routing,” 2nd IEEE Workshop on Mobile Comp. 

Sys. and Apps., 1999. 

[2] ZhengMing Shen, Thomas, J.P., “Security and QoS 

Self-Optimization in Mobile Ad Hoc Networks”, IEEE 

Transactions on Mobile Computing, Vol. 7, Iss. 9, Sept. 

2008. 

[3] Papadimitratos, P. Haas, Z.J., “Secure Data 

Communication in Mobile Adhoc Networks, IEEE 

Journal on Selected Areas in Communication, Vol. 24, Iss. 

2, February, 2006. 

[4] Monica, Mukesh Kumar, Rahul Rishi, “Security Aspects 

in Mobile Adhoc Network (MANETs):Technical 

Review”, International Journal of Computer Applications, 

Vol. 12, No.2, November, 2010. 

[5] Pradip M. Jawandhiya, “A Survey of Mobile Ad Hoc 

Network Attacks”, International Journal of Engineering 

Science and Technology, Vol. 2(9), pp. 4063-4071, 2010. 

[6] Ayyaswamy Kathirvel, Rengaramanujam Srinivasan, 

“Triple Umpire System for Security of Mobile Ad Hoc 

Networks”, International Journal of Network 

Management, DOI: 10.1002/nem.761, Nov. 2010. 

[7] Panagiotis Papadimitratos, Zygmunt J. Haas, “Secure 

Routing for Mobile Ad hoc Networks”, In Proceedings of 

the SCS Communication Networks and Distributed 

Systems Modeling and Simulation Conference (CNDS 

2002), San Antonio, TX, January 27-31, 2002. 

[8] N. Asokan, P. Ginzboorg, “Key Agreement in Ad Hoc 

Networks,” Computer Communications 23 (17): 

1627-1637, Nov. 1 2000. 

[9] Manjunath…”A Ligh weight Time Stamp Based 

Distributed Security Protocol for Wireless Adhoc 

Network”, CiiT International Journal of Wireless 

Communication, Vol. 3, No. 2, February 2011. 

[10] Lidong Zhou, Zygmunt J. Haas, “Securing Ad Hoc 

Networks”, IEEE Network, special issue on network 

security, November/December, 1999. 

[11] G. S. R. Emil Selvan1, S. Sivagurunathan, P. Subathra, 

and S.Dina Nidhya, “Mobile Ad Hoc Network Security- A 

Cluster based Approach”, Journal of Computers Vol.20, 

No.3, October 2009. 

[12] J.Manikandan, S.Vijayaragavan, “Multihost Adhoc 

network with the clustered Security networks”, 

International Journal of Engineering Science and 

Technology Vol. 2(3), 2010. 

[13] Steffen Reidt, Stephen D. Wolthusen, “An Evaluation of 

Cluster Head TA Distribution Mechanisms in Tactical 

MANET Environments”, In Proceedings of the First 

Annual Conference of the ITA ,2007. 

[14] Ayyaswamy Kathirvel, Rengaramanujam Srinivasan, “A 

System of Umpires for Security of Wireless Mobile Ad 

Hoc Network, International Arab Journal of 

e-Technology, Vol. 1, No. 4, June 2010. 

[15] Shuyao Yu, Youkun Zhang, Chuck Song and Kai Chen. 

“A security architecture for Mobile AdHoc Network” 

ACM Workshop on Wireless Security (Wise 2003), San 

Diego, CA, September 19, 2003. 

[16] Shailender Gupta, Chander Kumar, “Shared Information 

based Security Solution for Mobile Adhoc Networks”, 

International Journal of Wireless and Mobile Networks, 

Vol. 2,No. 1, February 2010. 

664


ISSN:2229-6093 

[17] Srdjan Capkun, Levente Buttya´ n, Jean-Pierre Hubaux, 

“Self-Organized Public-Key Management for Mobile Ad 

Hoc Networks”, IEEE Trans. On Mobile Computing, Vol. 

2, No. 1, January-March, 2003. 

[18] J. Kong, H. Luo, L Zhang, “Providing Robust and 

Ubiquitous Security support for Mobile adhoc Network”, 

IEEE 2001. 

[19] R.Balakrishna, “Reliability in MANET’s Using Enhanced 

Double Coverage Broadcasting (EDCB)”, International. 

Journal of Advanced Networking and Applications, 

Volume: 01 Issue: 03 Page: 147-153, 2009. 

[20] Dr. Anil Kapil, Sanjeev Rana, “Identity-Based Key 

Management in MANETs using Public Key 

Cryptography”, International Journal of Security (IJS), 

Volume 3 : Issue 1, 2009. 

[21] G.S. Mamatha, Dr. S.C. Sharma, “Network Layer Attacks 

and Defense Mechanisms in MANETS- A Survey”, 

International Journal of Computer Applications (0975 – 

8887), Volume 9– No.9, November 2010. 

[22] Tseng, Y. Min., “A heterogeneous-network aided 

public-key management scheme for MANETS”, Wiley 

InterScience, International Journal of Network 

Management, v.17: pp.3–15, 2006. 

[23] Azeem Irshad, Wajahat Noshairwan, Muhammad 

Shafiq,Shahzada Khurram, Ehtsham Irshad, Muhammad 

Usman, “Security Enhancement for Authentication of 

nodes in MANET by checking the CRL status of Servers”, 

International Journal of Advanced Science and 

Technology, Vol. 22, September, 2010. 

[24] P.S.L.M. Barreto, B. Lynn, and M. Scott., “Efficient 

Implementation of Pairing-Based Cryptosystems”, 

Journal of Cryptology, vol. 17, no. 4, pp. 321-334, 2004. 

[25] Géraud Allard, Pascale Minet, Dang-Quan Nguyen, 

Nirisha Shrestha, “Evaluation of the Energy Consumption 

in MANET”, In Proceedings of ADHOC-NOW'2006. 

[26] Wenjing Lou, Wei Liu, Yanchao Zhang, “Performance 

Optimization using Multipath Routing in Mobile Ad Hoc 

and Wireless Sensor Networks”, Combinatorial 

Optimization in Communication Networks, 2005. 

[27] S.Muthuramalingam and R.Rajaram, “A Transmission 

Range Based Clustering Algorithm for Topology Control 

MANET”, International journal on applications of graph 

theory in wireless ad hoc networks and sensor networks 

(GRAPH-HOC) Vol.2, No.3, September 2010. 

[28] Hafiz M. Asif, Tarek R Sheltami, Elhadi E. Shakshuki, 

Power Consumption Optimization and Delay 

Minimization in MANET, Proceedings of MoMM, 2008. 

[29] Lei Chen, Wendi B. Heinzelman, QoS-Aware Routing 

Based on Bandwidth Estimation for Mobile Ad Hoc 

Networks, IEEE Journal on Selected Areas in 

Communications, Vol. 23, No. 3, March 2005. 

[30] Jishan Mehedi , Samir Biswas , M.K.Naskar, “A Fuzzy 

Based Distributed Approach to Maintain Connectivity of 

Nodes in Mobile Ad-Hoc Networks”, Proceedings of 2nd 

National Conference on Challenges & Opportunities in 

Information Technology (COIT-2008) RIMT-IET, Mandi 

Gobindgarh. March 29, 2008. 

Manjunath Gadiparthi is working as an 

Associate Professor and Head Department of 

Computer Science in JAWAHARLAL 

NEHRU INSTITUTE OF TECHNOLOGY 

(JNIT). He received his B.Tech Degree in 

Computer Science & Engineering from 

Narasaraopeta Engineering College Andhra 

Pradesh. He received his M.Tech Degree in 

Computer Science & Engineering from RVR & JC College of 

Engineering Andhra Pradesh. He is pursuing his Ph.D. in Computer 

Science & Engineering. His areas of interest are Image Processing, 

Data Mining & Network security. He published several journal articles 

and Conference papers, in the areas of Image Processing, Data Mining 

& Network security. 

Ramakrishna Paladugu is working as 

Associate Professor, Department of CSE in 

Jawaharlal Nehru Institute of Technology, 

Hyderabad. He is currently working as Associate 

Professor, Computer Science Engineering, 

Jawaharlal Nehru Institute of Technology, 

Hyderabad. His research interests are Data 

Mining, Wireless Networks and Network 

Security. 

Sudhakar Paladugu is working as Assistant 

Professor, Department of CSE in Jawaharlal 

Nehru Institute of Technology, Hyderabad. His 

research interests include Network Security. 

Muralidhar Vejendla was born in India in 

1980. He is currently working as Associate 

Professor in Tenali Engineering College, Tenali. 

His research interests are Data Mining, Wireless 

Networks. 

665

A Fuzzy QOS Key Base Secured MANET Routing with Multipath ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?