ijcsa template - Technomathematics Research Foundation.

International Journal of Computer Science and Applications, Technomathematics Research Foundation Vol. 14, No. 2, pp. 142 – 163, 2017

SECURE INTELLIGENCE ALGORITHM FOR DATA TRANSMISSION IN INTEGRATED INTERNET MANET

C. ATHEEQ
Research Scholar, B. S. Abdur Rahman University, Vandalur, Chennai, Tamil Nadu 600048, [email protected]

M. MUNIR AHAMED RABBANI
Professor, B. S. Abdur Rahman University, Vandalur, Chennai, Tamil Nadu 600048 [email protected]

Integrating a MANET with the internet makes the MANET a heterogeneous network, increasing its application area and communication range. Communication is achieved through the gateway used in the integration process, which helps the mobile nodes in the MANET interact with fixed nodes in the internet or access internet resources. A heterogeneous MANET has a dynamic and distributed nature that opens multiple malware entry points, which increases the security risk for the Integrated Internet MANET (IIM). In recent approaches, communication between mobile nodes and fixed nodes in IIM is provided by gateway discovery approaches and trust based approaches that lack security. So there is a need to develop an effective method for communication that uses cryptographic techniques and resolves the attacks on integration. We provide a Secure Intelligence Algorithm (SIA) for data transmission between a mobile node and a fixed node in IIM. The proposed algorithm has three phases. In the first phase, misbehavior nodes in MANETs are identified; in the second phase, trusted nodes are verified; and in the third phase, a session key is established between the mobile node and the fixed node by a mutual authentication process. The proposed technique provides effective elimination of misbehavior nodes and lower computational cost in the key agreement process when compared to existing strategies.

Keywords: integration, malicious nodes, promiscuous, intelligence, mutual authentication.

1. Introduction

A Mobile Ad hoc Network (MANET) is a temporary, self-organized wireless network that consists of homogeneous mobile nodes. These infrastructure-less networks are generally used in domains where centralized communication is not instantly available. Every node in a MANET has constrained resources and can be a host or a router, and


Secure Intelligence Algorithm in IIM 143

communication is achieved in a peer to peer fashion by exchanging messages. Mobile nodes have a limited transmission range and can communicate only within their region. Because of the dynamic nature of MANETs, i.e. any node can enter and leave the network at any time, they should be managed in an effective manner. As MANETs have a limited communication domain in which mobile nodes cannot access internet resources, they do not provide effective utilization of resources. So, in order to utilize resources effectively, provide user applications and share distributed resources, MANETs must be interconnected to the internet. However, this arrangement makes the MANET a heterogeneous network that lacks security [Melaku, H.M. et. al, 2015]. The architecture of the integrated internet MANET is represented in figure 1.

Fig. 1 Architecture of Integration of Internet MANET

The integration makes the maximum number of communicating entities available to both the MANET and the internet. A mobile node can interact with the internet with the help of gateways [Jisha, G. et.al, 2016] that act as a bridge between the two different types of networks. A number of routing methods have been presented by [Sivakumar, T. and Manoharan, R., 2015, Sumathi, K. et. al, 2015, Abduljalil, F.M. and Bodhe, S.K., 2007, Ramanarayana, K. and Jacob, L., 2007] to route packets from source to destination. There are three approaches to identifying the gateways: proactive, reactive and hybrid. In the proactive method, the gateway initiates the registration process for mobile nodes by broadcasting GW_ADV control packets. In the reactive method, mobile nodes in MANETs initiate gateway discovery by broadcasting GW_SOL control packets. In the hybrid method, both proactive and reactive methods are incorporated, and initiation is done by the gateway as well as the mobile node. In order to route a packet from one node to another, the well known AODV algorithm is modified for use in the routing process in IIM, as standard AODV is limited to homogeneous mobile nodes. However, these approaches have no appropriate technique to mitigate malicious nodes in IIM. To resolve the issue, we have the network enter promiscuous mode, where the source node can observe the behavior of all other nodes. A mobile node may not forward all the packets that it has received and may intentionally drop them; when this packet dropping level reaches the threshold value, the IP address of the mobile node is made known to all other nodes in the network by a broadcast message indicating its misbehavior.

144 Atheeq. C, M. Munir Ahamed Rabbani

A node may drop packets under two conditions: intentionally and unintentionally. A node is said to be an intentional misbehavior node if it first agrees to forward the packets to its neighbor nodes and then fails to do so. Mobile nodes in a MANET, which is a resource constrained network, have limited resources such as battery power and buffer space, which can lead a mobile node to drop a packet without processing it; this is unintentional misbehavior. Mobile nodes that drop packets for these reasons are not treated as malicious nodes. Hence it is necessary to verify the reason behind packet dropping and find the actual misbehavior nodes. After the malicious nodes are notified in the network, the trust value is calculated for the remaining nodes in order to select the next neighbor node for data transmission. The node with the maximum trust value is considered for data transmission, and this process is carried out for the selected neighbors.

Authenticating the mobile node with the fixed node in IIM is an important aspect, as there are a number of decentralized entry ways through which malicious nodes can enter the application domain of MANETs and misbehave in order to affect the communication between the end parties. End nodes that are mutually authenticated have a secure way to exchange data that is protected from misbehaving nodes [Tahat, N., 2016]. Apart from the different methodologies and vendors addressing these problems with policy based methods for security and provisioning, a lot of research has been done on protecting data from misbehaving entities in IIM, and centralized networks are IP dependent; taking into consideration the unauthenticated nodes in Integrated Internet-MANET, exchanging data in IIM with the help of the gateway is complex and suffers from poor performance in heterogeneous MANET.

This leads us to develop a mechanism for mutual authentication in IIM that minimizes the security risk. The main focus of our work is to identify and eliminate the misbehavior nodes based on the intentional packet drop reason and to authenticate the trusted mobile node and fixed nodes in the area of integrating the internet with MANET. So a secure intelligence algorithm is required for authenticating end parties in IIM after eliminating the misbehavior nodes, so that data transmission can take place in a secure manner, and for reducing the security risk in IIM by eliminating the false misbehaving attack. Nodes are checked for whether they drop packets intentionally or unintentionally in order to identify the actual misbehavior node.

The remaining part of this paper is organized as follows. Section 2 deals with previous strategies for identifying misbehavior nodes and for authentication, Section 3 presents the required preliminaries, and Section 4 describes the proposed scenario in detail. Results are presented in Section 5 and Section 6 concludes the paper.


2. Related Work

In the past few decades, [Sivakami, T. and Shanmugavel, S., 2011, Ding, S., 2008] proposed a methodology to interconnect the internet with MANET so that the mobile nodes in the MANET can interact with fixed nodes in the internet, using the gateway for interconnection. To route packets from a mobile node in the MANET to a fixed node in the internet, the authors worked on the well known Ad hoc On-demand Distance Vector (AODV) routing algorithm, because standard AODV supports routing only between autonomous mobile users. The gateway discovery approaches presented in this paper are the proactive, reactive and hybrid methods. All these methods are used to find the gateway in order to register mobile nodes and allow them to route packets from mobile nodes to the fixed node through the gateway, without considering the presence of malicious nodes, which also register with the gateway and go on to route wrong messages or interrupt the communication between mobile node and fixed node in IIM. So in our approach, we identify the malicious nodes and then allow the mobile nodes to register with the gateway, by which we can protect our data from malicious nodes [Rai, A.K. et. al, 2010].

[Thachil, F. and Shet, K.C., 2012] presented a technique to resolve the black hole attack in which every node observes its neighbor node by keeping a cache that records the operations performed on packets by that neighbor. The trust value of the neighbor node is evaluated based on whether the neighbor further forwards the packets that it has received. If the evaluated trust value lies below the threshold, the node is considered malicious, but the evaluation of the trust value does not consider the packet dropping reason.

[Rachh, A.V. et. al., 2014] proposed Enhance Black hole AODV, which develops parent nodes for identifying misbehaving nodes. When the source node sends RREQ, a timer is set up and within the expected time, the request message is received and a pseudo message is transmitted to the destination; when the acknowledgement is received, the source sends the original message. If the ACKs are not received, packets are dropped. In this paper, a proper method of selecting a head node is not specified; moreover, delivering pseudo packets leads to overhead, and the reason for packet dropping is not considered.

Routing protocols proposed by [Rajaram, A. and Palaniswami, S., 2010, Hu, Y.C. et. al, 2003, Castelluccia, C. and Montenegro, G., 2002] focus on discovering a secure path depending on public key infrastructure in which the third party is responsible for system dependency. PKI creates more overhead with respect to key management. The protocols [Kshirsagar, D. and Patil, A., 2013] are responsible for resolving the black hole attack without specifying the cause of the packet drops.

[Siddiqua, A., et al., 2015] proposed a technique for resolving the black hole attack. It observes the packets which are forwarded in promiscuous mode before deciding that a


specific node is a black hole node, to guarantee that the packets are received by their destination; the algorithm observes the node to identify the reason behind packet dropping, and maintaining a trustworthy node turning into a black hole node. But to make secure communication more effective, authenticating the end parties is considered in order to resolve the false reporting attack.

[Zeba Naaz, et al., 2017] proposed a mechanism to authenticate the mobile node with the fixed node using Chebyshev polynomials. In this paper the composition property is used to generate the secret key at the mobile node as well as the fixed node for authentication. The outcome of the mechanism is compared with the existing RSA cryptographic technique in terms of the time for generating the secret key. The proposed model has low computational cost when compared to RSA, but node misbehavior factors are not considered, although mobile nodes are dynamic in nature, and the reason for dropping packets is not justified.

All the above mentioned strategies lack a single incorporated mechanism that provides an effective method for communication in IIM by minimizing attacks from misbehavior nodes and authenticating the trusted mobile node and the fixed node, so that the data they share is protected from misbehaving third parties. So we provide an incorporated mechanism that has all these aspects and provides better communication by reducing the computational cost in the cryptographic phase used.

3. Preliminaries

In MANETs, nodes may drop packets intentionally and unintentionally. The factors that lead to unintentional packet dropping are limited energy, limited queue length and transmission range.

3.1 Energy: The energy of all the nodes in MANETs is constrained, particularly for mobile devices, and their activities, such as discovering neighbors and exchanging information, consume energy. Once a node's energy is depleted, it does not have the capacity in its buffer to forward packets [Chan, H.F. and Rudolph, H., 2015]. If the energy of a large number of nodes in the network runs down, the performance of IIM degrades, leading to unreliable services in IIM. Nodes with lower energy values should therefore be taken care of, to increase the effective utilization of energy.

3.2 Buffer: Mobile nodes have finite buffer space for packet operations under the store and forward principle. If node buffers are sufficient, the result is good performance with respect to high delivery rate and short delivery delay. However, in practice, though the buffer space of recent mobile nodes is larger, the buffer space that must be shared is very limited [Kobbane, A. et.al, 2013]. If the shared buffer


space of the mobile devices is full, the node will neither discard the packets in this buffer nor receive any more packets to provide room for newly arrived ones; at the same time, a larger number of data forwarding opportunities will be wasted, which obviously decreases the network's performance. Then again, if the node accepts new ones, it should discard packets in this buffer space, which will likewise diminish the delivery quality. So, from an experimental perspective, buffer space is an additional essential element that ought to be fully considered.

3.3 Trust: Selecting a trusted mobile node in a MANET for secure data transmission is an important aspect of integrating the internet with MANET, as there are multiple malware entry points in MANETs due to their openness. So a trust methodology is required in this environment, in which mobile nodes should select trustworthy neighbor nodes, besides the optimal one, for communication.

3.4 Chaotic maps: With the rapid development of chaos theory related to cryptography [Hussain, I. et. al, 2012, Hussain, I. et. al, 2013, Khan, M. 2013, Ozkaynak, F. and Yavuz, S., 2013], a vast number of key management protocols that use chaotic maps have been studied. Protocols that use the chaos concept fall into three types based on the number of nodes: two-tier key agreement scheme, three-tier key agreement scheme and multi-tier key agreement scheme for authentication [Xie, Q. et. al., 2013]. Enhancement of efficiency with new security properties is seen in scholarly works. Recently, key agreement methods for authentication based on a secret key for three-level architecture using modular exponentiation or scalar multiplication on an elliptic curve have been addressed extensively [Gong, P. et. al, 2012, Niu, Y. and Wang, X., 2011, Xue, K. and Hong, P., 2012, Yoon, E.J., 2012, Tan, Z., 2013, Lee, C.C. and Hsu, C.W., 2013, Guo, C. and Chang, C.C., 2013]. Nevertheless, these schemes carry considerable computational burdens, and investigation continues into key management schemes for authentication on three-level architecture.

Our work intends to achieve protected communication with the security target of authentication, as it is the best way to deal with trustworthiness and false misbehaving in data transmission from mobile node to fixed node. The composition property of the Chebyshev polynomial [Lee, C.C. et.al., 2013, Lai, H. et. al., 2014, Wu, S. et. al., 2013, Xie, Q et. al., 2013, Zhu, H., 2015, Zhen, P. et. al., 2014] supports a two-party key management scheme that allows the communicating parties to exchange public keys over an unprotected channel and generate a common secret key between them. Strategies in [Yoon, E.J. and Jeon, I.S., 2011, Lai, H. et. al., 2012, Zhao, F. et. al, 2013] present authentication processes based on Chebyshev polynomials for key agreement, yet they assume that private information is exchanged over some secured medium; however, it is constrained to MANET. This motivates us to propose another procedure that provides key management for mutual authentication in IIM.


3.5 Defining Chebyshev Polynomials: Let n be an integer and x be a variable in the interval [-1, 1]. The Chebyshev polynomial :[-1,1] → [-1,1] can be defined as = cos(n (x)). Under the recurrence relationship for the degree n, the Chebyshev polynomial map : R→R presented by Lee, C.C. et al., 2013 is given in eq. no. 1: , (1) Where n2 , 1, and x . The first few Chebyshev polynomials are given as:

………… The semi-group property of Chebyshev polynomials is obtained by fulfilling eq. no. 2 as (2) A direct result of this property is that Chebyshev polynomials commute under composition in eq. no 3. (3) For enhancing protection, [Cai, Z. et al., 2015] proposed that the semi-group property applies to Chebyshev polynomials given in the interval [-∞,+∞]. Enhanced Chebyshev chaotic maps are used in the designed method as in eq. no 4: (4) Where n2 , x(,) , and N is a large prime number. Obviously their relation is represented in eq. no. 5, (5) Definition 1: Semi-group property of Chebyshev polynomials:

Definition 2: The Chaos Map Based Discrete Logarithmic Problem (CMBDLP): given the arguments x and y, it is difficult to find the integer s such that Ts(x)=y.


Definition 3: The Chaos Map Based Diffie-Hellman Problem (CMBDHP) is so called because it is difficult to evaluate =y by considering x, & .

In the recent approaches, the polynomial used in the cryptosystems leads to minimal utilization of time for generation of the secret key that is being shared by the end parties of authentication.

Fig. 2. Comparison of RSA, ECC, HASH, Symmetric Algorithm and Chaotic map based algorithm.

A comparison of key generation based on RSA, ECC [Gharib M, et al., 2017], HASH, Symmetric Algorithm and chaotic maps is shown in figure 2. It demonstrates that the chaotic map based technique has less computational overhead than RSA and ECC. As the key size increases, the time taken to generate the key also increases; in the above figure, for a key size of 1024 bits, RSA consumes 0.080058 sec, while a key of the same size generated using chaotic maps consumes 0.002699 sec. So our proposed protocol takes less time to generate a key than RSA.

3.6 One-way Hash function

The properties of a hash function h: a→b in a cryptosystem are as follows:
1. The h function accepts message content of arbitrary size as input and produces a message digest of fixed size as output.
2. The h function is one-way: given a, it is easy to compute h(a) = b. However, given b, it is hard to calculate a.
3. Given a, it is not computationally feasible to find a' such that a' ≠ a but h(a') = h(a).
4. It is not computationally feasible to find a pair a, a' such that a' ≠ a but h(a') = h(a).

3.7 Symmetric key algorithm

The phases involved in a symmetric key algorithm are as follows, and the flow chart is represented in figure 3.


1. Generation of secret key
2. Encryption of the plain text (P) with the help of in order to generate the cipher text (C)
3. Decryption of cipher text (C) with the help of secret key .

The definition and proofs of the proposed key agreement protocol and some of the resolved attacks are provided in the Appendix.

4. Proposed Mechanism

In order to provide secure communication between mobile node and fixed node, we propose a Secure Intelligence Algorithm (SIA) for a key agreement protocol based on chaos theory, applied after identifying the misbehavior nodes in the network. The proposed protocol has three essential tasks: it first identifies the misbehavior nodes in promiscuous mode based on the packet drop reason, then evaluates the trust of the nodes that remain after promiscuous mode, and finally authenticates the mobile node and fixed node. A node is treated as malicious in promiscuous mode if it sends fewer packets than it has received and the number of packets it drops or does not forward is greater than or equal to the threshold value. The authentication process involves registration of mobile nodes and then authentication with fixed nodes. The architecture of the proposed model is represented in figure 3.

Fig 3. Presence of misbehaving nodes in IIM.

In this work, the nodes that communicate have ‘x’ as public information. In order to provide mutual authentication in IIM, the gateway should first verify whether the mobile node is authentic or a malicious user. The gateway then provides mutual authentication between the mobile node and the fixed node to enhance security in IIM.


4.1 Secure Intelligence Algorithm

Our proposed algorithm has three phases, namely
• Misbehavior node detection Phase
• Trust Computation Phase
• Mutual Authentication Phase

(i) Misbehavior node detection Phase:
Step 1: Initialize mobile nodes, fixed nodes and gateway.
Step 2: Assign mobile nodes battery power, transmission range and queue length.
Step 3: All the mobile nodes in IIM observe their neighbor nodes promiscuously.
Step 4: Record the behavior of nodes based on packet operations.
Step 5: Each mobile node compares, for each neighbor node, the number of packets the neighbor has received with the number it has transmitted.
Step 6: If the results are equal then the nodes are treated as trusted nodes; else if the packet dropping is intentional and reaches the threshold value then consider the nodes as misbehavior nodes.
Step 7: Broadcast the IP address of the malicious node in the IIM, notifying its misbehavior.

(ii) Trust Computation Phase:
Step 8: Record all the trusted nodes.
Step 9: Compute the complete trust (T) value using the hybrid method.
DTm1,m2 = W(Rp)*Rp + W(Rq)*Rq + W(Re)*Re.
T = (αDTm1,m2 + βITm1,m2)/2.
where DTm1,m2 is the direct trust of m1 on m2 mobile nodes, ITm1,m2 is the indirect trust of m1 on m2 mobile nodes, α and β are constants whose values lie between 0 and 1, Rp, Rq, Re are route reply, route request and route error respectively, and W is the weight assigned.
Step 10: Consider the maximum trust node for data transmission.

(iii) Mutual Authentication Phase:
Let MN be the trusted mobile node, GW be the gateway and FN be the destination fixed node. Assuming that the source MN is trustworthy and the password is shared over a secure channel, we eliminate the false misbehavior nodes that affect the integrity of the data being transferred and minimize internal attacks through the secret key sharing mechanism computed by Chebyshev polynomials.
Step 11: MN selects a secret Prime number as ‘m’ for computing and applies hash function to the values , and the password by performing XOR operations on them as = H( || ) Where are the identities of MN, GW, and FN


that are publicly available. Now it generates the key as =( ) in order to encrypt the hash value, then the obtained cipher text along with the identities and that is composed as the message m1 and delivered to GW.

Step 12: GW selects a secret prime number as ‘g’ for computing and applies the hash function to the values , and the password by performing XOR operations on them as = H( || ). Now it generates a secret key for decrypting the cipher text received from the mobile node that reveals . The GW compares both the hash values; if they are equivalent then it confirms the mobile node's registration and forwards to FN in the message m2.

Step 13: The FN selects a secret prime number ‘f’ in order to compute and evaluates the hash function for the values , and the password by performing XOR operations on them as = H( || ). The secret key is also evaluated as =( ) for encrypting the hash value as and sends the message to MN through GW.

Step 14: The MN first calculates the hash value and generates the secret key for decrypting the cipher text, which produces the hash value ; it then compares the result with the value it has calculated . If both the values are equal then it authenticates with the FN through GW. The working of the mutual authentication phase is given in figure 4.

[Figure 4: three columns, Mobile Node, Gateway and Fixed Node. Each selects a secret prime number (‘m’, ‘g’, ‘f’), computes a hash and generates a key; the gateway confirms registration, and the mobile node and fixed node authenticate.]

Fig 4. Mutual Authentication between mobile node and fixed node through Gateway

As described above, to simplify the issue, it is assumed that a node's energy is primarily used for forwarding and receiving data, and the energy used for saving data is ignored. It is also assumed that, at a specific point, the node's initial energy for delivering data is EGinit, and energy consumption is separated into two parts: data forwarding energy and data receiving energy. The residual energy EGr of every node, based on the total packets it has forwarded and received, is therefore given by the equation

EGr = EGinit – EGpkt * PKTt, (6)


where EGpkt denotes the energy consumed for forwarding or receiving each packet and PKTt denotes the total number of packets that are forwarded or received. In our work, the buffer capacity that each node is required to share is limited and equal, and is denoted by BFinit. The buffer space of a node decreases whenever it receives a packet m whose size is BFm, and whenever it drops a packet n whose size is BFn the remaining buffer space increases. Overall, the residual buffer BFnew is evaluated with the following equation:

BFnew = BFinit − BFm + BFn. (7)

Using this equation, the residual buffer space of each node can be updated according to its data exchange.

Table 1. Notations used in this paper.

Notations      Description
GW_ADV         Gateway Advertisement message
GW_SOL         Gateway Solicitation message
               Chebyshev polynomial
h              Hash Function
               Secret Key Generation
P, C           Plain Text, Cipher Text
EGinit         Initial Energy
EGr            Residual Energy
EGpkt          Consumption Energy for forwarding or receiving for every Packet.
PKTt           Total Number of Packets that is forwarded or received.
BFinit         Buffer Capacity
BFm            Buffer Receives Packet m
BFn            Buffer Drops Packet n
BFnew          Residual Buffer
MN, GW, FN     Mobile Node, Gateway, Fixed Node
m, g, f        Prime Numbers for Mobile Node, Gateway and Fixed Node respectively
pw             Password
               Encryption Key for Encrypting Hash Value into Cipher Text.
               Decryption Key for Decrypting Cipher Text into Hash Value.
SK             Session Key
DTm1,m2        Direct Trust of m1 on m2 mobile nodes
ITm1,m2        Indirect Trust of m1 on m2 mobile nodes
T              Complete Trust
Rp, Rq, Re     Route Reply, Route Request and Route Error respectively
W              Weight assigned
α and β        Constants whose values lie between 0 and 1
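Steps 3 to 10 together with equations (6) and (7), as an added Python example that is not the authors' implementation. The paper does not give the test that separates intentional from unintentional drops, so the rule used here (a drop is excused when residual energy cannot cover one more packet or residual buffer cannot hold one), the threshold of 3, the treatment of a forwarded packet as freeing its buffer space, the third label "constrained", and all node data are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class Neighbor:
    ip: str
    eg_init: int         # EGinit: initial energy (constructed units)
    eg_pkt: int          # EGpkt: energy per packet forwarded or received
    bf_init: int         # BFinit: shared buffer capacity in bytes
    received: int = 0
    forwarded: int = 0
    bf_used: int = 0     # bytes stored (BFm) minus bytes released (BFn)
    intentional: int = 0
    unintentional: int = 0

    def residual_energy(self):
        # eq. (6): EGr = EGinit - EGpkt * PKTt
        return self.eg_init - self.eg_pkt * (self.received + self.forwarded)

    def residual_buffer(self):
        # eq. (7) accumulated over all packets: BFnew = BFinit - BFm + BFn
        return self.bf_init - self.bf_used


def observe(node, events):
    """Steps 3-5: replay the (kind, size) events overheard for one neighbor."""
    for kind, size in events:
        if kind == "recv":
            node.received += 1
            node.bf_used += size
        elif kind == "fwd":
            node.forwarded += 1
            node.bf_used -= size      # assumption: forwarding frees the space
        elif kind == "drop":
            # Assumed rule: the drop is excused if the node cannot pay for one
            # more packet, or cannot hold another packet of this size.
            starved = node.residual_energy() < node.eg_pkt
            full = node.residual_buffer() < size
            if starved or full:
                node.unintentional += 1
            else:
                node.intentional += 1
            node.bf_used -= size      # eq. (7): dropping releases BFn
        else:
            raise ValueError(f"unknown event kind: {kind!r}")
    return node


def verdict(node, threshold):
    """Step 6, plus a third label for drops that are not the node's fault."""
    if node.forwarded == node.received:
        return "trusted"
    if node.intentional >= threshold:
        return "misbehaving"
    return "constrained"


def complete_trust(r, w, indirect, alpha, beta):
    """Step 9: DT = W(Rp)*Rp + W(Rq)*Rq + W(Re)*Re; T = (alpha*DT + beta*IT)/2."""
    direct = sum(w[k] * r[k] for k in ("Rp", "Rq", "Re"))
    return (alpha * direct + beta * indirect) / 2


def select_next_hop(nodes, routing, w, alpha, beta, threshold):
    """Steps 6-10: label neighbors, blacklist misbehaving IPs, pick max trust."""
    verdicts = {n.ip: verdict(n, threshold) for n in nodes}
    blacklist = sorted(ip for ip, v in verdicts.items() if v == "misbehaving")
    trust = {ip: complete_trust(routing[ip][0], w, routing[ip][1], alpha, beta)
             for ip, v in verdicts.items() if v != "misbehaving"}
    best = max(trust, key=trust.get) if trust else None
    return verdicts, blacklist, best, trust


def demo():
    p = 512  # packet size from Table 2, in bytes
    nodes = [
        observe(Neighbor("10.0.0.2", 100, 1, 4096), [("recv", p), ("fwd", p)] * 5),
        observe(Neighbor("10.0.0.3", 100, 1, 4096),
                [("recv", p), ("fwd", p)] * 2 + [("recv", p), ("drop", p)] * 4),
        observe(Neighbor("10.0.0.4", 10, 1, 4096),
                [("recv", p), ("fwd", p)] * 4 + [("recv", p)] * 2 + [("drop", p)] * 2),
    ]
    # Constructed (Rp, Rq, Re) scores in [0, 1] and indirect trust per neighbor.
    routing = {
        "10.0.0.2": ({"Rp": 0.9, "Rq": 0.8, "Re": 0.7}, 0.7),
        "10.0.0.3": ({"Rp": 0.95, "Rq": 0.9, "Re": 0.9}, 0.9),
        "10.0.0.4": ({"Rp": 0.6, "Rq": 0.7, "Re": 0.5}, 0.5),
    }
    w = {"Rp": 0.5, "Rq": 0.3, "Re": 0.2}
    return select_next_hop(nodes, routing, w, alpha=0.6, beta=0.4, threshold=3)


if __name__ == "__main__":
    verdicts, blacklist, best, trust = demo()
    print(verdicts, blacklist, best, trust)
```

In the constructed data, 10.0.0.3 reports the highest routing scores but is excluded before trust is computed, while 10.0.0.4 drops packets only after its energy is exhausted and stays eligible.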


Fig 5. Flowchart of the proposed model.


5. Performance Analysis

The NS 2.34 simulator is used to check the performance of the proposed scenario using the parameters presented in table 2. Under the same network environment, the performance of RSA is also verified and compared with our proposed model. The overhead and session key management time of proposed technique with respect to key size besides eliminating the false misbehavior attack in IIM after identifying misbehavior nodes.

Table 2. Simulation parameters of IIM

Network Parameters     Values
Simulation Duration    90 s
Number of Nodes        10-40
Channel                Wireless Channel
MAC                    802.11
Mobility Model         Random way point
Routing Protocol       Reactive
Radio Communication    Random way point
Packet Size            512 bytes
Traffic                CBR
Network Area           1000m x 1000m

Fig 6. Comparison of Packet Delivery Fraction versus number of nodes.

In the above graph, we analyze the packet delivery fraction of the proposed SIA technique and the existing approaches while increasing the number of nodes from 10 to 40. The results show that the proposed technique has a higher packet delivery fraction than the existing secure knowledge algorithm and trusted knowledge algorithm. In SKA, the delivery ratio is very poor and in TKA it is a little improved, but overall SIA gives an effective packet delivery fraction of more than 95%.

Fig 7. Comparison of Routing Overhead versus number of nodes

The x-axis represents the number of nodes and the y-axis represents the overhead measured in number of packets. Each packet requires extra bytes of format information stored in the packet header, which is combined with the packet and reduces the overall transmission speed of the raw data. The overhead increases slightly as the number of packets increases in all the examined algorithms, but overall our proposed technique SIA has very little overhead.

Fig 8. Comparison of Throughput versus number of nodes

In the above graph we measure the throughput of the network. Throughput is a measure of how many packets a node can process in a given amount of time. The throughput of our proposed technique is also higher than that of the existing secure knowledge algorithm and trusted knowledge algorithm. Generally, it is the maximum rate of production or the maximum rate at which something can be processed.

6. Conclusion

Our research presents an enhanced provably secure intelligence algorithm that identifies the actual reason for packet dropping in order to justify that a node is a misbehaviour node, and also provides a mutual authentication protocol for trusted nodes based on chaotic maps in the integration of internet and MANET. Compared with the existing techniques, this algorithm determines whether the node drops the packet intentionally or unintentionally and finds the reason behind packet dropping, which is the base for misbehaviour node detection. The results are also compared with the existing RSA algorithm with respect to the key generation time used for authentication. The Secure Intelligence Algorithm (SIA) has less computational overhead than RSA, which is an important factor in IIM since it is a distributed network. The secret key evaluated with the help of chaotic maps cannot be resolved by an attacker within polynomial time. Hence our SIA algorithm is more suitable in the practical environment, which is based on symmetry for mobile nodes in MANETs and transparency at the fixed node in the internet. It is assumed that the nodes in IIM share the password over a secure channel; however, in upcoming methodologies the password sharing method can be based on biometrics, so as to provide effective security to the IIM network.

Appendix

a) False misbehavior attack: It is an attack in routing in which a malicious node sends a false message to the source.
Theorem: Resolving False misbehavior attack
Proof:

Fig 9: False Misbehavior.

In figure 9, node A sends back a misbehavior report even though node B forwarded the packet to C. To overcome this attack, an encrypted acknowledgement is required, which is achieved through our proposed chaos-theory approach.

b) Mutual Authentication: When two nodes authenticate each other properly and at the same time obtain the session key, this is known as mutually authenticated key agreement.

Theorem: The proposed protocol can achieve mutual authentication and key agreement.

Proof: Consider the following example of the key exchange process between the mobile node and the fixed node in IIM.

The public data is: $(x, T_m(x))$ and $(x, T_f(x))$. The private data is: $m$ and $f$.

Mobile node (MN): let $m = 17$ (MN private key).

$T_m(x) = \cos(m \cdot \cos^{-1}(x)) = \cos(17 \times 73) = -0.9455185756$

MN sends $(x, T_m(x))$ as public key to FN.

Fixed node (FN): let $f = 5$ (FN private key).

$T_f(x) = \cos(f \cdot \cos^{-1}(x)) = \cos(5 \times 73) = 0.9961946981$

FN sends $(x, T_f(x))$ as public key to MN.

MN computes:

$T_m(T_f(x)) = T_m(0.9961946981) = \cos(m \cdot \cos^{-1}(0.9961946981)) = \cos(17 \times 4.999999995) = 0.08715574274$

FN computes:

$T_f(T_m(x)) = T_f(-0.9455185756) = \cos(f \cdot \cos^{-1}(-0.9455185756)) = \cos(5 \times 161) = 0.08715574274$
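The exchange worked through above can be reproduced numerically. The following Python sketch is an added example, not code from the paper: it assumes the standard Chebyshev map definition T_n(x) = cos(n·arccos x), takes the angle 73 in degrees (which is what reproduces the printed values), and uses hypothetical function names.

```python
import math

def chebyshev_trig(n, x):
    """T_n(x) = cos(n * arccos(x)) for x in [-1, 1]."""
    return math.cos(n * math.acos(x))

def chebyshev_rec(n, x):
    """Same map via the recurrence T_{k+1} = 2x*T_k - T_{k-1} (no trig calls)."""
    prev, cur = 1.0, x              # T_0, T_1
    if n == 0:
        return prev
    for _ in range(n - 1):
        prev, cur = cur, 2.0 * x * cur - prev
    return cur

def key_exchange(x, m, f, T=chebyshev_trig):
    """Run the MN/FN exchange; return both public values and both derived keys."""
    mn_public = T(m, x)             # MN -> FN: (x, T_m(x))
    fn_public = T(f, x)             # FN -> MN: (x, T_f(x))
    sk_mn = T(m, fn_public)         # MN computes T_m(T_f(x))
    sk_fn = T(f, mn_public)         # FN computes T_f(T_m(x))
    return mn_public, fn_public, sk_mn, sk_fn

def keys_agree(sk_a, sk_b, tol=1e-9):
    """Floating-point results are compared with a tolerance, never with ==."""
    return math.isclose(sk_a, sk_b, rel_tol=0.0, abs_tol=tol)

# Values from the worked example: arccos(x) = 73 degrees, m = 17, f = 5.
X = math.cos(math.radians(73))
M_PRIV, F_PRIV = 17, 5

if __name__ == "__main__":
    for name, T in (("trig", chebyshev_trig), ("recurrence", chebyshev_rec)):
        mn_pub, fn_pub, sk_mn, sk_fn = key_exchange(X, M_PRIV, F_PRIV, T)
        print(f"{name:10s} T_m(x)={mn_pub:.10f} T_f(x)={fn_pub:.10f} "
              f"SK_MN={sk_mn:.11f} SK_FN={sk_fn:.11f} "
              f"agree={keys_agree(sk_mn, sk_fn)}")
```

The two sides' values agree to within floating-point rounding and are not guaranteed to be bit-identical, which is why the comparison uses a tolerance.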

c) Bogus Registration: A bogus registration occurs when a malicious MN performs a fake registration by spoofing an IP address to masquerade as someone else. A bogus registration may cause a wrong mobility binding, so that all packets are tunneled to the malicious MN rather than the correct MN. Through a bogus registration, the attacker obtains the right to access the Internet and can mount further attacks on the Internet.

Theorem: The proposed protocol prevents bogus registration.

Proof: In the proposed system, registration of the MN is done through an authentication process in which the MN uses a secret prime number for authentication. The MN does not share the secret prime number even over a secure channel, so it is impossible for an attacker to masquerade as another MN.

d) Man-in-the-middle attack: The man-in-the-middle attack is an attack in which the attacker secretly relays and possibly alters the communication between two parties who believe they are communicating directly with each other.

Theorem: The proposed protocol can resist the man-in-the-middle attack.

Proof: On the one hand, the paper assumes that the password is shared through a secure medium. On the other hand, our method effectively validates the mobile nodes, gateway and fixed node against each other (in fig. 5) on the basis of these secrets. Thus an intruder has no chance to relay and modify the communication between MN and FN.

e) Known-key security: Known-key security is the property that the resulting session keys remain protected from disclosure even if past session keys have been disclosed to intruders.

Theorem: The known-key security can be proved by our technique.

Proof: Because the session key $SK = T_m(T_f(x)) = T_f(T_m(x))$ depends on the random prime numbers $m$ and $f$, and key generation is independent in all phases, an adversary who holds one session key cannot compute the past or the future session keys. Moreover, the session key is used only once, in the private upgrade stage, so the protocol has the known-key security property.

f) Black Hole attack: An attack in which a node or router that is supposed to forward packets discards them instead, leading to a black hole attack.

Theorem: The black hole attack can be mitigated with our proposed method.

Proof:

Our proposed algorithm monitors the neighbor nodes promiscuously and records their behavior regarding packet operations. If it finds that a node is not forwarding packets further and that its packet dropping reaches the threshold, it identifies the node as carrying out a black hole attack.