A wireless Ad-hoc network is an environment in which wireless nodes dynamically self-organize and form a temporary network without using any pre-existing infrastructure.
The trend indicates the progress of the storage and computing capacity of network devices. This progress paves the way for exploring a new area of research i.e. Ubiquitous and Pervasive Computing.
Pervasive computing is the growing trend towards embedding microprocessors in everyday objects and then ensuring communication among nodes using mobility and opportunistic contacts.
Pervasive computing can be realized through the convergence of wireless technology, advanced electronics, and the Internet. In order to realize the concepts of pervasive computing, one needs to be aware of an Ad-hoc network where contact between two nodes is not certain at any particular time.
The network in question is the Delay Tolerant Network (DTN), which evolved from MANET and brings some interesting challenges such as sparsity, intermittently connected mobile nodes, and no end-to-end connectivity for message transmission. The main principle for routing in DTN is the Store-Carry-Forward mechanism.
The Store-Carry-Forward mechanism introduces a delay while transmitting messages; hence, routing/forwarding is an important issue for the progress and establishment of Ubiquitous/Pervasive Computing in practice.
In DTN, when two devices come in contact with each other, this contact can be taken as an opportunity to serve each other by exchanging services and messages and forwarding them towards the destination.
This opportunity in message dissemination introduces a new paradigm of Delay Tolerant networking known as Opportunistic Networks.
In OppNets mobile devices transmit messages by exploiting direct contacts without the need for end-to-end infrastructure. The main reason for the delay in the realization of Ubiquitous/Pervasive Computing is the exponential growth of complexity at the network layer.
OPPORTUNISTIC NETWORKS ...
In Ad-hoc networks, routing protocols at the network layer are computation- and storage-intensive and assume end-to-end connectivity at all times. OppNet tries to simplify this by removing the assumption of physical end-to-end connectivity. OppNet devices are also equipped with different wireless technology interfaces, so that devices can opportunistically use the interfaces in proximity while forwarding messages. The advantages of OppNet communication include high capacity, low cost, localized communication, decentralized operations, and independence from any infrastructure. The key challenges in OppNet are mobility, communication paradigm, data dissemination, incentives for node cooperation, and services. OppNet is human-centric because it follows the way in which humans come in contact with each other. Therefore, OppNet protocols can be tightly coupled with social networks, and their social relationships can be exploited in order to build more efficient and trustworthy protocols.
There is no way of proactively determining paths from source to destination. Hence, in OppNet mobility is used for data dissemination. Here, mobile nodes carry the message until they contact a suitable message forwarder. In OppNet, routing and forwarding protocols are merged because the routes are actually formed while forwarding messages.
2. Architecture of OppNets
In an opportunistic network, the network is usually separated into several network partitions known as regions.
Conventional applications and protocols are not suitable for this kind of network, where an end-to-end connection does not exist from the source to the destination.
The opportunistic network uses the store-carry-forward mechanism for interconnecting the devices in different regions. The intermediate nodes employ the store-carry-forward mechanism by overlaying a new protocol layer, called the bundle layer, in the protocol stack, as shown in Figure 1.
In an OppNet, each node has a bundle layer and can act as a host, a router, or a gateway. When the node acts as a router, the bundle layer can store, carry, and forward an entire bundle within the same region.
The bundle layer of a gateway node, in contrast, is used to transfer messages across different regions. As a gateway node is responsible for storing and forwarding between two or more regions, and can optionally be a host, it must be equipped with persistent storage and custody facilities.
3. Characteristics and Requirements of OppNets
The Ad-hoc network is autonomous and infrastructure-less with multi-hop routing. Dynamic network topology and device heterogeneity have focused researchers on designing energy- and bandwidth-efficient scalable protocols. Due to the lack of centralized authority in infrastructure-less Ad-hoc networks, security and self-organization become issues of concern.
These constraints are the key challenges while designing network protocols for any layer of operation. Routing is the heart of effective and efficient communication among network devices. Hence, dynamic topology and heterogeneity of devices should be considered while designing routing strategies.
The ad-hoc network is vulnerable to several security threats like eavesdropping, deletion, modification, redirection, and fabrication of both control and data packets. There are various key-based cryptographic solutions for providing security in terms of authentication, data integrity, and protection of message sequencing.
These security solutions either detect the malicious nodes using an intrusion detection scheme or use cryptographic techniques for providing integrity and authentication.
In an ad-hoc network, a selfish node may degrade the performance through non-cooperation in data dissemination schemes. Selfish nodes may use the network resources for themselves but do not cooperate with others in carrying out their work.
Node cooperation is an implicit challenge associated with an ad-hoc network. To ensure node cooperation, incentive schemes are necessary to tackle and persuade selfish nodes.
The OppNet is a subgroup of an ad-hoc network with some specific constraints and associated challenges. Hence, OppNet inherits all the challenges associated with an ad-hoc network.
In the case of OppNet, the unique communication paradigm and constraints increase the severity of the associated challenges.
The specific characteristics and associated challenges in OppNet are:
Sparse network: The sparsity of the network accounts for low inter-contact frequency, and the average duration of a contact is also small. Hence, data dissemination is associated with delays and lower reliability. The unpredictability and low end-to-end connectivity demand efficient forwarding techniques.
Store-carry-forward mechanism: OppNets exploit mobility for data forwarding using the store-carry-forward mechanism. In carrying messages, an additional storage cost is associated with routing.
This mechanism demands efficient buffer management strategies and the inclusion of a separate bundle layer in the protocol stack. Because of this mechanism, node profiling is possible at the application layer; hence, privacy and data integrity need to be ensured explicitly through reliable security measures.
Heterogeneity of network devices and interfaces: OppNet plays an important role in the progress of pervasive computing. Pervasive computing requires the participation of each and every device and uses different wireless technologies.
OppNet needs to meet these requirements by designing highly interoperable network protocols.
Human interactions: OppNet is human-centric, as most of the participating nodes in it are humans. So there is a need to study the sociology and anthropology involved in the interactions of an individual.
Based on this study, one can design a real human mobility model and social graphs. These social graphs map the underlying network graph, based on which data dissemination protocols can be designed and executed.
High computation power: Advances in technology make handheld devices more capable through high-end processors. On one side this is an added advantage, but the security threats of viruses, worms, and malware, which were considered to be associated with PCs, will now target these high-computational-power devices too.
It has been estimated that as the intelligence or processing power of mobile devices increases, so does the amount of different malware. This malware can easily infect the OppNet.
Emergency applications: Oppnets can be used in any kind of emergency situation such as an earthquake, hurricane, etc. Here, a seed Oppnet node is generally deployed first, and other potential helper nodes equipped with more facilities can later be added as required to grow into an expanded Oppnet.
Opportunistic computing: Oppnets can be used to provide a platform for distributed computing to facilitate crisis management, intelligent transport systems, and pervasive healthcare.
Recommender systems: In Oppnets we can exploit various context information about the nodes, such as mobility patterns, contact history, workplace information, etc. The gained contextual information can then be used to provide recommendations for various items of interest.
Mobile data offloading: Similarly, in mobile social networks, the Oppnet mechanism can be used for data offloading. The pervasive and ubiquitous use of mobile devices has immensely increased the data on networks, so OppNet’s concept of store-carry-forward can help in offloading data from networks.
Info mobility services: OppNets can also be exploited to provide intelligent vehicular systems through the Internet of Things (IoT) for smart-city projects. Internet-enabled devices can be a part of OppNet, and mobile devices can exchange relevant information and take decisions on the basis of proximity and need.
4. Data Sets and OppNet Project Scenarios
Reality Data Mining: The experiment was conducted to explore the capabilities of smartphones to investigate human interactions beyond the traditional survey-based methodology. The subjects were 75 students and faculty in the MIT Media Laboratory, and 25 incoming students at the MIT business school.
SIGCOMM09: The SIGCOMM 2009 dataset [9] contains traces of Bluetooth device proximity, opportunistic message creation, and dissemination, along with the social profiles of the participants. In this experiment, each device performed a periodic device discovery to find nearby neighboring devices.
On discovering new contacts, the device formed an RFCOMM link on a preconfigured channel for data communications. Further, each device recorded the results of the periodic device discovery and all data communications.
In addition to this, devices kept a record of the user’s social profile and its evolution, and of application-level messaging. The collected traces are time-stamped based on the device clock and reported as a relative time in seconds.
Haggle project: Haggle is a European Union-funded project designed to enable communication when network connectivity is intermittent. In particular, Haggle exploits opportunistic contacts between mobile users to deliver data to the destination.
This project includes 78 short-radio-range iMotes with 20 stationary long-range radio iMotes. These iMotes were distributed throughout the INFOCOM 2006 conference venue for four days.
The Bluetooth scanning granularity of a node is set to once per 120 seconds. The pairwise contact frequency is 6878 per day, and the total number of contacts taking place is 23,478. The trace experiences an average contact duration of 216 seconds.
ZebraNet: An interdisciplinary ongoing project at Princeton University under the Mpala Research Centre, deployed in the vast savanna area of central Kenya. The study is carried out to learn the patterns of migration and interspecies interactions of zebras in the savanna. A mobile vehicle acting as a base station moves around the savanna periodically, collecting data from the zebras it encounters.
5. Opportunistic Routing and Classification
In OppNet, because contacts are intermittent and the network is sparse, routing and forwarding decisions are merged. The routing decision is reactive and taken on the fly by forwarding nodes.
The best possible forwarder is any node that helps in forwarding the messages towards the destination. Traditional routing algorithms are not applicable in OppNet scenarios.
In traditional routing, either reactively or proactively decisions are taken based on the underlying network topology. But in the case of OppNet, the absence of knowledge about topological evolution hampers the routing decisions.
The fundamental problem associated with OppNet routing is the absence of end-to-end connectivity for the whole lifetime of a message. The routing performance improves with the assimilation of more knowledge about the expected topology of the network in routing protocols.
The routing protocols for OppNet are classified on the following grounds:
1. Infrastructure less routing
In this routing mechanism, explicit infrastructure is not used to facilitate the routing process. In pervasive computing, it is the most viable and cost-efficient.
There is a further division in infrastructure-less routing based on the amount of explicit knowledge used in the routing procedure:
A. Context oblivious routing: This routing mechanism uses the concept of diffusion, in which the message is disseminated through the whole network using the contact opportunities until it eventually reaches the destination.
In this approach, no explicit knowledge is used to facilitate the routing process. The dissemination-based routing technique works well in a highly dynamic environment.
These protocols are resource hungry and mostly account for the congestion in the network. To limit the effect of congestion in the network, some existing protocols suppress the count of messages in the network through intelligent heuristics. Epidemic, MV, Spray & Wait, and Network coding routing are some of the context oblivious routing protocols.
These protocols do not authenticate the participating nodes when they join the network. They do not ensure the privacy of participating nodes or the confidentiality of disseminated messages in the network. Both users and data are vulnerable to the security threats associated with attacks by malicious nodes.
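The trade-off between flooding and copy-limited dissemination can be seen in a small store-carry-forward simulation. This is an added example, not code from the original article: the contact trace, node names, and the `droppers` parameter (relays that accept a copy and never forward it, standing in for an unauthenticated malicious node) are all constructed for illustration, and the Spray & Wait variant shown is the binary one.

```python
from collections import namedtuple

Contact = namedtuple("Contact", "time a b")

# Constructed contact trace (not taken from any dataset named in the article).
TRACE = [
    Contact(10, "S", "A"), Contact(20, "S", "B"), Contact(30, "A", "C"),
    Contact(40, "B", "C"), Contact(50, "A", "E"), Contact(60, "C", "E"),
    Contact(70, "B", "F"), Contact(80, "E", "D"), Contact(90, "F", "D"),
    Contact(100, "C", "D"),
]


def epidemic(trace, src, dst, droppers=frozenset()):
    """Flooding: every contact copies the message to a node that lacks it."""
    carriers, delivered_at, transmissions = {src}, None, 0
    for c in sorted(trace, key=lambda c: c.time):
        for giver, taker in ((c.a, c.b), (c.b, c.a)):
            if giver in carriers and giver not in droppers and taker not in carriers:
                carriers.add(taker)
                transmissions += 1
                if taker == dst and delivered_at is None:
                    delivered_at = c.time
    return {"delivered_at": delivered_at, "transmissions": transmissions}


def spray_and_wait(trace, src, dst, copies, droppers=frozenset()):
    """Binary Spray & Wait: hand over half the copy budget, then wait for dst."""
    tokens = {src: copies}          # node -> number of copies it may still hand out
    delivered_at, transmissions = None, 0
    for c in sorted(trace, key=lambda c: c.time):
        for giver, taker in ((c.a, c.b), (c.b, c.a)):
            n = tokens.get(giver, 0)
            if n == 0 or giver in droppers or taker in tokens:
                continue
            if taker == dst:        # direct delivery is always allowed
                tokens[taker] = 1
                transmissions += 1
                delivered_at = c.time
            elif n > 1:             # spray phase: split the budget
                tokens[taker] = n // 2
                tokens[giver] = n - n // 2
                transmissions += 1
            # n == 1 and taker is not dst: wait phase, keep carrying
    return {"delivered_at": delivered_at, "transmissions": transmissions}


if __name__ == "__main__":
    print("epidemic          ", epidemic(TRACE, "S", "D"))
    print("spray&wait L=4    ", spray_and_wait(TRACE, "S", "D", 4))
    print("epidemic, C drops ", epidemic(TRACE, "S", "D", droppers={"C"}))
    print("spray&wait, C drops", spray_and_wait(TRACE, "S", "D", 4, droppers={"C"}))
```

On this trace, flooding delivers earlier at the cost of more transmissions and survives the dropping relay, while the copy-limited scheme loses the message when its last copy lands on that relay.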
B. Context-based routing: In this routing mechanism, the context of a node is accumulated and maintained over a period of time. The sharing of this context information between nodes helps the encountered nodes build a blueprint of the underlying network topology. This temporal topology is then used to make forwarding decisions.
The usefulness of a host as the next hop in the forwarding mechanism is expressed through the utility metric of that node. The context information usually comprises social, environmental, and user feedback about the nodes concerned. Context-based routing techniques reduce the message duplication count but increase the corresponding delay in delivery.
Prophet, HiBops, and MobySpace are some of the context-based protocols. In this approach, context information is shared between nodes, and this sharing may reveal the identity of nodes in communication. The privacy of the user is at stake, and the integrity of data and utility packets is compromised in this type of routing approach.
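A utility metric of this kind can be made concrete with PRoPHET-style delivery predictability. The following is an added example, not code from the original article or from the PRoPHET project: it follows the three update rules of the original PRoPHET proposal (direct encounter, aging, transitivity), the constants are assumed values, and the nodes S, R, D and the meeting times are constructed. It also returns the vector each side discloses during a contact, which is the context-sharing privacy exposure described above.

```python
P_INIT, BETA, GAMMA = 0.75, 0.25, 0.98   # assumed constants for this illustration


class Node:
    def __init__(self, name):
        self.name, self.pred, self.last_aged = name, {}, 0

    def age(self, now):
        """Aging: predictabilities decay for every time unit without contact."""
        factor = GAMMA ** (now - self.last_aged)
        self.pred = {n: p * factor for n, p in self.pred.items()}
        self.last_aged = now

    def learn(self, peer, peer_vector):
        """Direct-encounter update for peer, then transitive update via peer."""
        old = self.pred.get(peer, 0.0)
        self.pred[peer] = old + (1 - old) * P_INIT
        for dest, p_peer_dest in peer_vector.items():
            if dest == self.name:
                continue
            old = self.pred.get(dest, 0.0)
            self.pred[dest] = old + (1 - old) * self.pred[peer] * p_peer_dest * BETA


def meet(a, b, now):
    """One contact: age both tables, exchange them, update both sides.

    Returns the vectors each side disclosed, i.e. its contact history as
    seen by the peer.
    """
    a.age(now)
    b.age(now)
    sent_by_a, sent_by_b = dict(a.pred), dict(b.pred)
    a.learn(b.name, sent_by_b)
    b.learn(a.name, sent_by_a)
    return sent_by_a, sent_by_b


def should_forward(carrier, candidate, dest):
    """Hand the message over only if the candidate has the higher utility for dest."""
    return candidate.pred.get(dest, 0.0) > carrier.pred.get(dest, 0.0)


def scenario():
    """Constructed scenario: R meets D twice, then S (holding a message for D) meets R."""
    s, r, d = Node("S"), Node("R"), Node("D")
    meet(r, d, 1)
    meet(r, d, 2)
    _, disclosed_by_r = meet(s, r, 3)
    return {
        "S_pred_D": s.pred["D"],
        "R_pred_D": r.pred["D"],
        "forward_S_to_R": should_forward(s, r, "D"),
        "forward_R_to_S": should_forward(r, s, "D"),
        "disclosed_by_R": disclosed_by_r,
    }


if __name__ == "__main__":
    for key, value in scenario().items():
        print(key, value)
```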
C. Content-based routing: In a content-based approach, the destination node is not explicitly mentioned in the transmission. Instead, the destination node’s interest profile is shared with all the encountered nodes.
The forwarding decision is taken based on the similarity between the message content and the interest profile of the encountered node.
Here, the routing is based on a publish and subscribe mechanism in which the source node publishes its contents as services in the network and the destination node subscribes to these available data services according to its interest profile.
Content-based routing suffers from data integrity and confidentiality problems. The availability of data services in the publish and subscribe mechanism is also a major security problem.
2. Infrastructure based routing
In this type of routing strategy, the explicit network infrastructure is used to facilitate the routing process. The infrastructure used in these protocols could be fixed or mobile and, depending upon this, infrastructure routing is divided into two parts:
Routing with fixed infrastructure: Here, explicit base stations are deployed in the capacity of gateways. These gateways act as an interface to the different challenged networks and ensure connectivity in a sparsely connected network. In order to achieve connectivity, protocols are designed to deliver messages up to the base stations, and it is then the responsibility of the base station to ensure the delivery of the message to another gateway or to the destination node.
There are two variations of the proposed scheme, depending on whether node-to-node and node-to-base-station communication is allowed in the OppNet.
Info-station Model and Shared Wireless Infostation Model (SWIM) are two fixed infrastructure protocols.
The performance of the routing protocol depends on the efficient functioning of the base stations. Hence, the compromise of base stations puts the whole network performance at stake. These base stations are vulnerable to security threats, and compromised base stations are a threat to the network itself. To deal with these threats, an efficient and computationally light Intrusion Detection Mechanism (IDM) needs to be designed.
Routing based on mobile infrastructure: These routing protocols use explicit mobile data collectors known as message ferries and data mules. The best possible mobility model is used for the mobile carriers, in order to achieve the maximum coverage in minimum time. These protocols are further divided into two groups based on the possibility of node-to-node and node-to-carrier communication.
Data-Mule System and Message Ferrying are the two mobile infrastructure based protocols. Authentication through key management is hard to establish in this type of mobile infrastructure routing network. Distributed authentication schemes need to be established for the proper operation of the OppNet.
Security in OppNet
In order to realize the abstract concept of pervasive computing in practice, security is the main challenge, and it needs to be addressed seriously to instill confidence in general users. Security at the root level of the communication paradigm instills confidence in nodes to cooperate in the network. Hard cryptographic solutions are not sufficient to make the system threat proof.
The computationally intensive algorithms of cryptographic techniques discourage the use of these algorithms in security solutions for OppNet.
The unique characteristics of the ad-hoc network pose a number of non-trivial security challenges. The security solutions for ad-hoc networks encompass prevention, detection, and reaction.
For proactive routing, data integrity and authentication are to be maintained, and reactive data forwarding is secured through real-time intrusion detection schemes. These algorithms detect a malicious node and then react, in order to nullify the behavior of attacking nodes.
6. Security Issues and Criteria
A security mechanism is any process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Examples of mechanisms are encryption algorithms, digital signatures, and authentication protocol.
Security solutions must be validated against security criteria. There are some widely used criteria to evaluate security aspects. Network nodes should be available to provide all the designated services assigned to them regardless of security attacks.
The solution should make sure that the identity of a message remains the same throughout the transmission.
The security issues for each network layer in an ad-hoc network are:
The identity of the message can be compromised through malicious and accidental altering. One has to ensure the confidentiality of the message, so that information is only accessible to those for whom it is intended.
The message should be authentic, which assures that the participants in the communication are genuine and not impersonators. The solution should ensure that the sender and receiver of a message cannot deny having sent or received it.
Security criteria should include the specification of authority, privileges, and credentials assigned to network nodes.
Security criteria also include privacy preservation, in which a node is protected by not disclosing its private information to any other node.
7. Security Attacks
Security attacks are classified as either passive attacks, which include the unauthorized reading of a message or file and traffic analysis, or active attacks, such as modification of messages or files and denial of service.
(a) Passive Attacks:
A passive attack does not disrupt the operation of the network. The attacker snoops on the exchanged data and infers the desired information. The privacy of users and the confidentiality of data are at stake. The detection of a passive attack is very difficult.
On a preventive basis, data need to be encrypted before forwarding in the system. Snooping is unauthorized access to another person’s data. Software can also be used to remotely monitor and snoop on the target devices.
(b) Active Attacks:
In active attacks, attackers disrupt the normal functioning of the system by altering or destroying the data being exchanged in the network. These attacks can be classified into two categories based on the malicious node’s identity.
External attacks are carried out by nodes external to the network, and internal attacks are carried out by compromised nodes inside the network. Internal attacks are more difficult to detect and prevent than external attacks.
(i) Network layer attacks
Wormhole attack
In the wormhole attack, a malicious node receives packets at one location in the network and tunnels them to another location in the network. These packets are then resent into the network. This tunnel between compromised nodes is referred to as a wormhole. If the wormhole is used properly, efficient routing is possible, but it puts the attacker in a commanding position compared to the other nodes in the network.
Blackhole attack
In this attack, an attacker advertises itself as having the shortest path to the destination node. Once the malicious node has been able to insert itself between the communicating nodes, it is able to do anything with the packets passing through it. It can thus perform a DoS attack or a man-in-the-middle attack.
Blackhole attack
In this attack, colluding nodes form routing loops, forward packets on non-optimal routes, and selectively drop packets.
Information disclosure
A compromised node may leak confidential and important information to unauthorized nodes present in the network.
Resource consumption attack
In this attack, an attacker tries to consume or waste away the resources of other nodes present in the network.
Routing attacks
In this attack, the routing operation is disrupted through routing table overflow, routing table poisoning, packet replication, route cache poisoning, and rushing attacks.
(ii) Transport layer attacks
Session hijacking:
Session hijacking is a critical threat to the system. It gives the malicious node an opportunity to behave as a legitimate user. Hence, ID spoofing is the major threat in the transport layer.
(iii) Application layer attacks
Repudiation attacks
Repudiation refers to the denial or attempted denial by a node involved in a communication.
(iv) Multilayer attacks
Multilayer attacks are those that could occur at any layer of the network protocol stack. Denial of service and impersonation are some common multi-layer attacks.
Security issues in OppNet
OppNet is a part of the ad-hoc network and hence all the possible security threats associated with ad-hoc networks also apply to OppNet.
The specific constraints of OppNet increase the severity of ad-hoc attacks on it. The routing and forwarding mechanisms are localized and merged in OppNet.
This simplification at the network layer also relieves the node of tackling routing attacks but, on the other hand, context and content information need to be protected.
OppNet is human-centric, and most of the forwarding mechanisms exploit social metrics in taking routing decisions. At the application layer, a spoofing attack (node profiling) is possible due to the human involvement and the store-carry-forward mechanism.
Because the network is infrastructure-less, authenticating a node and rating it in terms of maliciousness is not possible at the time it joins the network (the bootstrapping problem).
Hard cryptographic solutions are not sufficient to address security threats because network devices are not capable enough to execute computationally intensive algorithms. In OppNet, the aim is to develop and design privacy-preserving and secure opportunistic forwarding while keeping in mind the constraints of no end-to-end connectivity, delay tolerance, dynamic topology, loose trust, and no infrastructure.
The main challenge in content and context forwarding is that confidentiality and privacy conflict with the very design concept of the forwarding mechanism of these protocols.
Hence, to secure confidentiality and privacy, forwarding computations need to be done on the encrypted data.
Security threats
The security threats challenge the progress of pervasive computing, and the solutions to these threats are the major challenge before researchers. Researchers are addressing the security concerns of OppNet on a priority basis. Routing and node cooperation are the backbone of OppNet and hence the threats associated with routing and node participation take priority.
In OppNet, social metrics are exploited to build trust and reputation systems for authentication purposes. This reputation model can be used to forward data securely and to incentivize selfish nodes to cooperate. Some work has been done on securing the network from selfish and Sybil users. Anonymity for the privacy of the node is targeted at the network layer, whereas its severity is found at the application layer.
8. Problem Statement
“Designing Secure Data Forwarding Techniques for Delay-Tolerant Opportunistic Networks”
In order to realize the concept of pervasive communication, the security challenges of OppNets must be addressed on a priority basis. The unique constraints of OppNets make the security solutions of ad-hoc networks obsolete and direct us to work towards the goal of addressing these constraints with respect to security.
The primary goal of a security mechanism is to provide privacy, integrity, confidentiality, authenticity, and availability.
None of the security-related work discussed in the previous section provides a solution to all these security criteria. The various protocols discussed address only some of these security criteria.
Literature survey
In the entire literature survey, it has been observed that no security mechanism designed to date provides all the security measures under one scheme.
Social trust-based protocols provide authenticity in the network and help in secure forwarding. Cryptographic protocols only ensure message integrity and confidentiality.
The incentive-based schemes ensure the availability of the service through node cooperation. From all this, it can be inferred that there are still a lot of security gaps in the available data forwarding techniques. The security challenges and limitations of the existing schemes motivate us to work towards addressing this issue and to focus on designing a new and better secure mechanism for data forwarding that ensures all the security measures under a single scheme.
We propose the following work in order to ensure secure data forwarding in delay tolerant opportunistic networks:
- Designing secure data forwarding protocols for opportunistic networks.
- Addressing energy conservation issues in secure data forwarding.
- Providing solutions to most of the security threats in opportunistic networks.
- Mathematical analysis of social and network graphs for secure data forwarding.
9. Summary
In short, we discussed the opportunistic network’s architecture and challenges. Opportunistic routing and the issues associated with it were also covered.
- wethecoders
- July 13, 2022
- 8:31 pm