Abstract. Network devices are used for different purposes; huge data
transmission, easy access and time saving are among the applications of digitized
communication systems. Wireless communication systems consist of a number
of routers and links. Processing speed, link failure, control of one router over
another router, and extended delay cause huge problems in transmission.
The proposed method is based on a three-phase technique. The network
parameter detection phase includes a protocol-oriented technique for network
parameter considerations and mutual node communication. To provide
communication, the second phase adds security among correlated nodes in the
network. Here this paper proposes principal and credential sharing among
nodes in the network that are neighbors of each other. The last
phase of the paper covers the detection of errors present in the network. For
a well-ordered development, this paper first gives an introduction related to
security in UMA networks in section one. The second section is a literature
study of some previous related works. A well-structured and modularized
proposal is given in section three, followed by a simulation result in section four.
Finally, an overall conclusion is given.
1 Introduction
The world is connected through multiple data sharing centers. Long ranges and
variation in operating regions impose a requirement for routers in networks. Routers
come under pressures such as hardware failure [1], unwanted control by another node
[2], and loss or modification of data in the data packet [3] [4] [5] or in the
headers used for carrying data. As the distance between the source and destination
and the extent of the local area network (LAN) increase, the risk
of network failure keeps increasing [4]. Networks are growing exponentially in
day-to-day life. This motivates the search for a suitable protocol that is able to
detect and replace data packet transmission paths. Although repeaters and routers in
the network solve the coverage problem, they add to the causes of errors. Some
of the most common errors include data flowing in ways [6] [7] that are not
covered by the routing protocols. A few unwanted nodes have an adverse effect
on the networking system [8]; they try to alter the flow of data. Cryptographic
protection of transmitted data is one of the existing solutions [9] [10]. Some
existing solutions focus on an acknowledgement-based transmission
technique [3]. This technique is able to solve basic problems of the network. Still, the
generation and transmission of acknowledgements put pressure on the security threat
detection method and on the transmission system. Reliability decreases as the number
of transmissions grows. Protocols are unable to detect errors as soon as possible.
1.1 Architecture
The Internet routing infrastructure is also vulnerable to attacks. Because of the very
nature of this infrastructure, a router can affect a large number of hosts, entire
networks, or even the global Internet [11]. The objectives of routing attacks can include
black holing and loss of connectivity, traffic redirection to networks controlled by
adversaries, traffic subversion and data interception, or persistent routing instability [12].
Various approaches have been used in IP traceback, and many of these
can be broadly categorized under packet logging or packet marking schemes.
Depending on such criteria as storage overhead either within the packet itself or at the
nodes traversed, link speeds, or computational demands, among other mitigating factors,
each category has its advantages and disadvantages. For example, the hash-based
approach [13] is a logging method that can trace a single packet, unlike most packet
marking schemes, which assume a reasonably large number of packets for a
successful traceback. Another routing technology, Stealth Probing, is a secure data-plane
monitoring tool that relies on the efficient symmetric cryptographic protection of the IPsec
protocol suite, applied in end-router-to-end-router fashion. Another
protocol present is BGPmon, which uses XML to represent BGP messages, handling all
attribute and element types, and various classes of data [14].
1.2 Applications
1.3 Issues
It is important to initially emphasize that erasure security is relative [20]. Some
attacks hinge upon the guessability of initial TCP sequence numbers (ISN), so that
an arbitrary host can exploit an address-based trust relationship to establish a client
write-only TCP session [21]. Securing IP routing is a task that is central in
diminishing the Internet's liability to misconfigurations and malicious attacks [22]. As there are
numerous attacks on published protocols, designing AKE protocols is error prone
[23]. In large and constantly evolving networks, it is difficult to determine how the
network is actually laid out. This information is invaluable for network management,
simulation, and server siting [24]. Traditional topology discovery algorithms are
based on SNMP, which is not universally deployed [25]. Compromised routers can
drop, modify, mis-forward or reorder valid packets [26]. The BGP routing protocol
includes no mechanism for verifying either the authenticity (correct origin) or the
accuracy of the routing information it distributes. A particularly problematic case is
that of sophisticated malicious routers (e.g., routers that have been compromised) [27].
2 Literature Review
In [2], the authors have argued that robust routing requires not only a secure routing
protocol but also well-behaved packet forwarding. They have proposed an approach
to robust routing in which routers, assisted by end hosts, adaptively detect poorly
performing routes that appear suspicious, and use a secure traceroute protocol to
attempt to detect an offending router.
The authors of [28] say that, because FD protocols require only pairwise participation
of nodes, deployment of FD can proceed in an incremental fashion that is compatible with
incentives for informing routing decisions at the network edge. However, when the
authors consider the placement and selection of FD protocols, natural questions arise
about the division of labor between the end host and the edge router. They argue that
the placement of FD protocols depends on the parties responsible for providing
confidentiality and driving routing decisions.
Pepper and Salt Probing may even be efficient enough to be deployed in the core
of the Internet, as part of an architecture where core routers inform their routing
decisions by running FD to destination networks.
The authors of [29] have designed and analyzed efficient path-quality monitoring
protocols that give accurate estimates of path quality in a challenging environment
where adversaries may drop, delay, modify, or inject packets. Their protocols have
reasonable overhead, even when compared to previous solutions designed for
non-adversarial settings.
We are exploring how to compose multiple instances of our PQM protocols
running over multiple paths simultaneously to determine whether the adversary resides
on either the forward or reverse path, or to localize the adversary to particular nodes
or links.
370 M. HemaLatha, P. Padmanabham, and A. Govarhan
The figure below shows the three-phase solution of the methodology proposed in
this paper.
Availability. For availability, we use the formula required channels
divided by available channels. We then take the maximum value that is less
than or equal to 1. The above parameters are detected through the
current sender and intermediate nodes, or from intermediate node to intermediate node.
The availability is given by the mathematical formula below.
… … … … … … … … … … … … … … … … … .. 1
Latency. Thus the minimum latency is detected for the next communication. For
latency detection we have to use a time stamp at each node's register.
The latency is given by the formula-
…………………… 2
Delivery Rate. Delivery rate is decided through data sent and acknowledgement
received in a certain period of time. The best delivery rate is chosen for the next
communication.
…………………………………… … 3
Where = acknowledgement received, = total data packet sent
Failure Data Rate. Failure can be detected through the number of data packets sent and
the number of acknowledgements not received in a certain period of time. Mean time can
be detected as the time difference between the first failed data transmission and the next
successful data transmission.
The failure is detected through the algorithm below-
…………………………………….. 4
Where T1 and T2 are detected as given above, and TP is the average time
duration. TP is decided by the user.
min …………. 5
Where P1, P2 and P3 are the priorities decided by the user in choosing the best
service scenario for individual services. As previously said, minimum latency has always
been the best case in a network [3] [5]. This paper then chooses the best average
function for the network transmission. The data is transferred along the chosen pathway.
Network Quality Estimation − Error Protection and Fault Localization 373
Most of the performance metrics are derived from the above-mentioned quality
parameters. Availability is obtained from the channels available and the channels
required. The functionality is decided through the credentials and principals described in
phase-2. Loss is calculated simply from acknowledgements received and data
packets sent. One-way loss consists of one-way data packet transmission and one-way
acknowledgement transmission. Round-trip loss consists of the two-way
calculation of data packet transmissions and acknowledgement transmissions. Delay is a
measurement of time stamps. For this parameter this paper proposes that a time attribute
should be kept at each node participating in the data transmission. The accepted
transmission should be the first acknowledgement received time. Other transmissions
are compared to this accepted time. Utilization parameters are derived in the
above paragraph as bandwidth and capacity. A fractional summation of bandwidth
required to bandwidth available with channel available to channel required gives the
utilization factor. Utilizing a node for a small number of services is always reliable. All
path qualities are useful in different conditions.
Fig. 3. Shows the principal and credential sharing among consecutive nodes
One principal is used for the whole process, and the credential has to be changed after a
number of requests or a period of time. Here a node's identity is taken as the
principal. The node's identity may be a MAC address, an IP address or any given name. For
simplicity it is proposed here to use a given name. The name is alphanumeric.
The credential is generated through a function F (k). It is like the password. It is
generated by the receiver node for the sender node. The principal gives
authentication and the credential gives authorization. These methods raise the security to
another standard. Authentication with a single principal and multiple credentials is
achieved through a number of steps.
Generation of Credentials. For the generation of the credentials this paper is giving
the below formula.
………………………… 6
Each node in the network has a specific number. When the data packet
moves through the network, each node adds its number to the summation field. At the
time of the acknowledgement transmission, each node subtracts its number from the
summation field.
Because the data packet and the acknowledgement packet flow along the same path, at
a specific node both values will be the same. If the value is different, the path has to be
verified. In this way we can get the failure data correctly and the exact
location of the path failure. At this condition the quality parameters are verified.
Summation Field (SF). At the time of transmission, the summation field is generated
with the formula below.
………………………………………………… 8
……………………………………….. 9
Where = summation field till the next node, SNn = specific number of the
current node.
Suppose a network has five nodes a, b, c, d, e. The values of the nodes should
be 1, 2, 4, 8, 16. When data moves from sender to receiver, the value after the
first node is 1, after b it is 3, after c it is 7, after d it is 15, and after e it is 31. On the
return it goes like 31, 15, 7, 3 and 0. If the value at the sender is not acknowledged as
0, the sender sends a verification message to the network. Suppose the value comes
out negative: then the packet has passed through more nodes. If it is positive, but
not zero, it has missed some node in the path. After identifying the node we can just
add or subtract the effect of that particular node, so we can get error-free data.
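The five-node example above, carried through as an added Python sketch (not code from the paper): each node records the SF it forwarded, checks it again on the acknowledgement, and the sender decodes the residual. Node `f` with number 32 and all function names are assumptions introduced here; the decode relies on the power-of-two numbering and is only unambiguous when nodes were either missed or added, not both.

```python
# Added illustration of the summation field (SF); not the paper's code.
# Specific numbers a..e come from the text; node f (32) is a constructed
# extra node used to model an acknowledgement that leaves the data path.
NODE_NUMBERS = {"a": 1, "b": 2, "c": 4, "d": 8, "e": 16, "f": 32}


def forward_pass(path, numbers=NODE_NUMBERS):
    """Data packet: every node adds its number and records the running SF."""
    sf, recorded = 0, {}
    for node in path:
        sf += numbers[node]
        recorded[node] = sf
    return sf, recorded


def ack_pass(sf, ack_path, recorded, numbers=NODE_NUMBERS):
    """Acknowledgement: every node compares the incoming SF with the value it
    recorded on the forward pass, then subtracts its own number."""
    mismatches = []
    for node in ack_path:
        expected = recorded.get(node)  # None: node never saw the data packet
        if expected != sf:
            mismatches.append(node)
        sf -= numbers[node]
    return sf, mismatches


def localize(residual, numbers=NODE_NUMBERS):
    """Decode the residual SF seen by the sender.

    0 -> same path; positive -> the acknowledgement missed nodes;
    negative -> it crossed extra nodes. With power-of-two numbers the set
    bits of |residual| name those nodes.
    """
    if residual == 0:
        return "ok", []
    kind = "missed" if residual > 0 else "extra"
    nodes = [n for n, v in numbers.items() if v & abs(residual)]
    if sum(numbers[n] for n in nodes) != abs(residual):
        return "unknown", []  # residual is not a sum of known node numbers
    return kind, nodes


def check(data_path, ack_path):
    """Run one data/acknowledgement round trip and report the findings."""
    sf, recorded = forward_pass(data_path)
    residual, mismatches = ack_pass(sf, ack_path, recorded)
    kind, nodes = localize(residual)
    return {"sf_at_receiver": sf, "residual": residual, "verdict": kind,
            "nodes": nodes,
            "first_mismatch": mismatches[0] if mismatches else None}


if __name__ == "__main__":
    path = ["a", "b", "c", "d", "e"]
    print(check(path, path[::-1]))                      # clean round trip
    print(check(path, ["e", "d", "b", "a"]))            # ack skips c
    print(check(path, ["e", "f", "d", "c", "b", "a"]))  # ack detours via f
```

The first node to report a mismatch sits immediately after the point where the acknowledgement left the data path, which is what narrows the fault to one link. The field in this sketch is a plain integer with no integrity protection.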
4 Simulation Result
The Network Simulator (NS2) [30], is used to simulate the proposed architecture. The
simulation settings and parameters are summarized in table.
The proposed Network Quality Estimation and Error Protection (NQEEP) is
compared with the Trace Route technique. The performance is evaluated mainly
according to the following metrics.
Packet Delivery Ratio: It is the ratio between the number of packets received
and the number of packets sent.
Packet Drop: It refers to the average number of packets dropped during the
transmission.
Throughput: It is the number of packets received by the receiver.
Delay: It is the amount of time taken by the nodes to transmit the data packets.
4.3 Results
Case-1 (Exponential scenario): Based on Rate. In our first experiment we vary the
data transmission rate as 1, 2, 3, 4 and 5 Mb.
Figure 5 shows the delay of the NQEEP and TraceRoute techniques for the different rate
scenarios. We can conclude that the delay of our proposed NQEEP approach is 70%
less than that of the TraceRoute approach.
Figure 6 shows the delivery ratio of the NQEEP and TraceRoute techniques for the
different rate scenarios. We can conclude that the delivery ratio of our proposed NQEEP
approach is 11% higher than that of the TraceRoute approach.
Figure 7 shows the drop of the NQEEP and TraceRoute techniques for the different rate
scenarios. We can conclude that the drop of our proposed NQEEP approach is 84%
less than that of the TraceRoute approach.
Figure 8 shows the throughput of the NQEEP and TraceRoute techniques for the different
rate scenarios. We can conclude that the throughput of our proposed NQEEP approach
is 40% higher than that of the TraceRoute approach.
Case-2 (TCP scenario): Based on Flows. In our second experiment we vary the TCP
flows as 1, 2, 3, 4 and 5.
Figure 12 shows the throughput of the NQEEP and TraceRoute techniques for the
different flow scenarios. We can conclude that the throughput of our proposed NQEEP
approach is 14% higher than that of the TraceRoute approach.
5 Conclusion
In this paper, network quality as a whole is taken into consideration, so we are able
to provide the best data transfer method for the network. Security is maintained through a
principal and a credential with a short time-stamped lifetime, providing high
security in data transmission. The last phase is able to resolve any issue present in
the network.
References
1. Goldberg, S., Xiao, D., Barak, B., Rexford, J.: Measuring Path Quality in the Presence of Adversaries: The Role of Cryptography in Network Accountability (2008)
2. Goldberg, S.: Towards Securing Inter domain Routing on the Internet (September 2009)
3. Martins, O.A.: Affecting IP Traceback with Recent Internet Topology Maps (2005)
4. Wendlandt, D., Avramopoulos, I., Andersen, D.G., Rexford, J.: Don’t Secure Routing Protocols, Secure Data Delivery, CMU-CS-06-154 (September 2006)
5. Avramopoulos, I., Kobayashi, H., Avramopoulos, I., Kobayashi, H., Krishnamurthy, A.: Highly Secure and Efficient Routing. In: IEEE INFOCOM (2004)
6. Janic, M., Kuipers, F., Zhou, X., Van Mieghem, P.: Implications for QoS provisioning based on traceroute Measurements. In: Stiller, B., Smirnow, M., Karsten, M., Reichl, P. (eds.) QofIS/ICQT 2002. LNCS, vol. 2511, pp. 3–14. Springer, Heidelberg (2002)
7. Cisco, Small Business 300 Series Managed Switch Administration Guide Release 1.3 (2013)
8. Corin, R., Durente, A., Etalle, S., Hartel, P.: Using trace formulae for security protocol design (2001)
9. Cortier, V., Warinschi, B., Zălinescu, E.: Synthesizing secure protocols. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 406–421. Springer, Heidelberg (2007)
10. Cortier, V., Warinschi, B.: Computationally Sound, Automated Proofs for Security Protocols. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 157–171. Springer, Heidelberg (2005)
11. Padmanabhan, V.N., Simon, D.R.: Secure Traceroute to Detect Faulty or Malicious Routing, http://research.microsoft.com/crypto/dansimon/me.htm
12. Nordström, O., Dovrolis, C.: Beware of BGP Attacks (2005)
13. Goldberg, S., Xiao, D., Barak, B., Rexford, J.: Measuring Path Quality in the Presence of Adversaries: The Role of Cryptography in Network Accountability (2008)
14. Claffy, K.: Border Gateway Protocol (BGP) and Traceroute Data Workshop Report. ACM SIGCOMM Computer Communication Review 42(3) (July 2012)
15. Cortier, V., Warinschi, B., Zălinescu, E.: Synthesizing secure protocols, IST-2002-507932, JC9005 (2008)
16. Aiello, L.C., Aiello, L.C.: Verifying Security Protocols as Planning in Logic Programming. ACM Transactions on Computational Logic 2(4), 542–580 (2001)
17. Mızrak, A.T., Cheng, Y.-C., Marzullo, K., Savage, S.: Fatih: Detecting and Isolating Malicious Routers (2005)
18. Zhang, X., Lan, C., Perrig, A.: Secure and Scalable Fault Localization under Dynamic Traffic Patterns (2011)
19. Murali, G., Pranavi, M., Navateja, Y., Bhargavi, K.: Network Security Scanner. In: Pranavi, M., et al. (eds.) Int. J. Comp. Tech. Appl., IJCTA 2(6), 1800–1805 (November-December 2011), http://www.ijcta.com
20. Garfinkel, S., Shelat, A.: A Study of Disk Sanitization Practices. IEEE Security and Privacy (January-February 2003)
21. Daniels, T.E., Spafford, E.H.: Subliminal Trace route in TCP/IP. CERIAS Technical Report 2000/10
22. Avramopoulos, I., Rexford, J.: Stealth Probing: Securing IP Routing through Data-Plane Security (June 27, 2005)
23. Schmidt, B., Meier, S., Cremers, C., Basin, D.: Automated Analysis of Diffie-Hellman Protocols and Advanced Security Properties (2009)
24. Martins, O.A.: Affecting IP Traceback with Recent Internet Topology Maps (2005)
25. Siamwalla, R., Sharma, R., Keshav, S.: Discovering Internet Topology. In: IEEE INFOCOM 1999 (1999)
26. Lee, S., Wong, T., Kim, H.S.: Secure Split Assignment Trajectory Sampling: A Malicious Router Detection System (2006)
27. Padmanabhan, V.N., Simon, D.R.: Secure Traceroute to Detect Faulty or Malicious Routing, Microsoft Research, http://www.research.microsoft.com/epadmanab/, http://research.microsoft.com/crypto/dansimon/me.htm/
28. Goldberg, S., Xiao, D., Barak, B., Rexford, J.: A Cryptographic Study of Secure Internet Measurement. Technical Report (March 5, 2007)
29. Goldberg, S., Xiao, D., Tromer, E., Barak, B., Rexford, J.: Path-Quality Monitoring in the Presence of Adversaries (March 27, 2008)
30. Network simulator, http://www.isi.edu/nsnam/ns