Wireless Personal Communications (2021) 119:1993–2016

https://doi.org/10.1007/s11277-021-08315-4

Multidimensional Multi‑Attribute Approach to Counter

the Routing Attacks on MANET

Nilesh R. Marathe1 · Subhash K. Shinde2

Accepted: 18 February 2021 / Published online: 5 March 2021

© The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2021

Abstract
The Dynamic on demand network formation feature of MANET tend to have its biggest
the vulnerability that infect the process of route establishment using routing algorithms
and exploits many attacks. Identifying the attack and isolating the malicious node to reform
the secured routing environment is the major goal of all researchers working for securing
the MANET. IDS and trust based collaborative approach (ITCA) is the our first proposed
published method which provides the platform for hybrid approach to trap the malicious
nodes through combined efforts from multiple dimensions.The proposed framework utilize
the benefit of Reputation and Trust based evaluation process to secure route discovery by
isolating malicious nodes at early stage of route formation. The more advanced approach,
multi-dimensional multi-attribute system (MDMA), incorporates multi-attribute direct,
indirect trust mechanism, and use of measured risk by credibility factor, while consider-
ing indirect trust. It empowers IDS and make the ITCA more efficient. The attributes con-
sidered for calculations of trust are adaptable to change in application environment make
MDMA a flexible generalized solution. The MDMA is evaluated by implementing using
AODV and compared with our previous proposed method ITCA along with many other
solutions. The results are better and more adaptable to the changing environment.

Keywords MANET routing security · Secured routing · Worm hole · Routing attacks ·
Direct and indirect trust · ACK based IDS

1 Introduction

The enormous function of the wireless network known as MANET is random interaction
between transient networks formed by mobile nodes. The formation of dynamic topology
without the demand of big infrastructure makes the MANET useful in a situation of Natu-
ral calamity or military application or even the application which demands immediate and

* Nilesh R. Marathe
[email protected]
Subhash K. Shinde
[email protected]
1
RAIT, Nerul, Navi Mumbai, India
2
LTCOE, Kopar Khirane, Navi Mumbai, India

13
Vol.:(0123456789)
1994 N. R. Marathe, S. K. Shinde

temporary set-up of the network. The cooperative nature of MANET allows to change the
role of nodes as per requirement like node can be the user of service for transmitting his
own data or can work for other by being part of a route to forward others data. In both situ-
ations of using the resources to forward our own data or being just forwarder, the scarce
resource that is the energy of node limits its transmission range [1] and forces to form
a limited range dynamic topology-based network. It adds up more hops in a route while
transmitting data from source to destination. The transient self-configured dynamic envi-
ronment gives the flexibility to adapt the ongoing topology get formed at runtime. So
the major challenge of the flawless establishment of dynamic network with a continuous
update in the topology is handled by routing protocols proposed for MANET. Most popular
and standard routing algorithm among different categories used for many real-life scenar-
ios are OLSR, AODV, and ZRP [2] as shown in Fig. 1 [3].
The analysis of drawbacks and vulnerabilities in MANET routing classified in three
types given in Fig. 1 is stated in Table 1.
So every routing algorithm belongs to any category is vulnerable for routing attacks so
need to have some common generalised solution to make routing more secure. ACK based
solutions proposed by different authors for exampleEAACK [4], AACK [5, 6], TWOACK
[7] provides a single dimensional approach of making route discovery process more
robust but increase overhead traffic and put a lot of burden on source nodes. The Improved
EAACK [8], generic request reply based mechanism [9, 10] tries to reduce the overhead
still rely on source node to perform malicious node detections. Improved ITCA [11] pro-
poses the real-time approach for ACK based system against ITCA [12] and adapts multidi-
mensional approach but considers only direct trust calculations. The MDMA proposed in
this paper proposes real-time multidimensional and multi-attribute based system which is a
more general and adaptive to changing application environment.
The paper discuss in detail the proposed Multidimensional Multi-attribute method as a
adaptive generalised defence put up against the attacks on routing algorithms of any cat-
egory from classification given by Fig. 1. The Sect. 2 of the paper give the literature survey
followed by problem definition given in Sect. 3, supported with Sect. 4 giving the details of

Fig. 1  Routing in MANET

13
 Table 1  Analysis of possible attacks over routing protocols
MANET
OLSR AODV ZRP

Parameter for Analysis Proactive Reactive Hybrid

Control Packets used for Periodic Triggered messages Route Discovery Control Packets Route Discovery and maintenance Control Packet
attempting an attack
Multidimensional Multi‑Attribute Approach to Counter the…

Possible traffic Overhead MPR details updates and broadcasting Alternate route tracking Managing the Route discovery for Interior and Exterior Zones
Topology Update Period At regular time intervals Based on request Both
Defence against reply attacks No Using Sequence Number Using Sequence Number
Most Targeted Nodes MPR – peripheral node
Attacks possible Network Layer Attacks like based on Network Layer Attacks like DOS etc Network Layer Attacks like replay etc
Packet Dropping etc.
1995

13
1996 N. R. Marathe, S. K. Shinde

the proposed framework, results and analyses presented in Sect. 5 accompanied by findings
and further research. The literature review given in next section classifies the related work
in three domains and elaborate using comparative analysis.

2 Literature Review

The mobile network (MANET) might be considered as an extension of PN from PAN with
the challenge of managing dynamic self-organizing network [13]. The routing security is
also a major issue need to be handled for such rapid changing topology. Many research-
ers have proposed different methods to achieve it which are mainly classified according to
design and defined goal [14]. The literature survey of these existing solutions is analysed
and discussed below by classifying mainly in three types as:

1. ACK-based solutions The ACK-based solutions are used for identification of packet
drooping attacks and track the malicious node to isolate it from network. It utilises the
RREQ/RREP control packets of the routing protocols for identification of misbehaving
nodes. It helps in detection of selfish nodes at early stage of route establishment but has
some flaws and also a non real-time solution.The comparative analysis of some of these
methods is elaborated in Table 2 given below.

– Moudni [15] modifies AODV route establishment procedure to defend black hole
attack. It asks nodes to generate two RREP against each RREQ and verifies the
sequence number to check its validity. It broadcasts two RREPs with sequence numbers
having difference of one value(first-RREP-seqno +1). The malicious nodes respond
with RREP having maximum sequence number and get tracked as expected to have one
more RREP but with maximum difference of one value. It creates a lot of overhead as it
broadcast two RREP per RREQ at the destination as well as at the intermediate node.
– Gopal Singh [16] has proposed reliable metrics for secure routing in MANET. It uses
three metrics based on the knapsack algorithm. The network parameters like band-
width, delay, packet delivery, etc. are used for the calculation of metrics and used to
decide the most reliable path to get selected. This considers only network performance
as a parameter so need to consider additional parameters also.
– Shariq Mahmood Khan proposes the Reliability Factor-based route discovery algo-
rithms [17]. It performs multi-attribute based calculation for RF and then compared RF
of an existing route with RREP to decide reliable link. So it becomes vital to consider
multiple parameters before doing the route selection which might take more time.
– Sakshi Yadav et.al [18] performs the validation of the RREQ before selection of any
route. The method overrides the rule of selection less hop count path as the best route
and calculates the median of the existing and new request hop count use it as a thresh-
old for identifying the attempted black hole attack. It will be good preventive action but
may increase a lot of delay in route establishment which may increase packet loss.

2. Trust-Based solutions Trust and Reputation-based methods can be one of the good
solutions for defending against the DOS and DDOS attacks [19]. Most of the solutions

13
 Table 2  Analysis of related work in ACK-based solution
Classification of proposed Proposed related algo- Brief of method Objectives Limitations Proposed method
solutions rithms

ACK based Solutions Modified AODV [15] Generate two RREP with Less complex targeting to Lot of overhead as for one Need to have a real-time
sequence-number+1 for Black hole attack RREQ every intermedi- solution
second RREP—so RREP ate and destination nodes
with large sequence generate two RREP
number than sequence-
number+1 identifies as
malicious
Multidimensional Multi‑Attribute Approach to Counter the…

Attack Aware Alert Tracks the delay in data Simple mechanism of RTT The malicious effect is not
(A3AODV) [28] forwarding based on is considered to generate always the reason of the
RTT​ alert delay may have other
reasons too.—chances of
false alarm is more
Timer-based Bait Tech- Flood the network with Simple lightweight Considered as all nodes
nique [29] route request with time approach for attack give legitimate response
tag detection which will not be the
case
1997

13
1998 N. R. Marathe, S. K. Shinde

are considering only the performance parameters as a measure of evaluating trust which
make it more rigid. It can be supported with a combination of multiple sets of attributes
to have robust calculations and also it will be generalised to work with a different set of
routing protocols and also for different application domains. The comparative analysis
of some of these methods is elaborated in Table 3 given below.

– Aminu Usman [20] proposes a DATM dynamic attribute trust model which defined
over three dimensions exchange of attribute summery, do the trust evaluation then
perform the transaction It performs the handshake of attribute vector having con-
figured as characteristics of the transactions. The available size of the peer’s buffer
determines its routing capacity and its reliability for packets forwarding in collabora-
tive routing.
– Radhika Saini [21] proposes the reputation and behaviour based calculations to
establish dynamic trust among the nodes of MANET. The only parameter base trust
calculations might not able to detect the sophisticated attacks or random behaviour
of the node.
– Ruo Jun Cai has proposed an evolutionary self-cooperative trust (ESCT) [22] where
every node does the self-detection for direct neighbours as benign or malicious and
calculate trust for it. Then it initiates the cooperative detection and asks to share
other node experience to decide node as malicious or genuine. For that, it needs to
broadcast hello messages periodically and maintain the matrix of opinions which
will be overhead for mobile nodes so for lightweight applications it will definitely be
the overhead in terms of traffic get generated memory and also energy.

3. IDS solutions. The formation of role based rules to perish malicious nodes and give
justice to legitimate nodes is the main function of IDS. The network layer attack on
MANET can be categorized as both that hampers the integrity and the one which just
overhear or observe. The solutions proposed for detection of theses attacks are classified
into mainly two approaches as Point Detection and Intrusion Detection algorithms [23]
which need to used in support of Trust and ACK based methods to make the system
more effective. The comparative analysis of some of these methods is elaborated in
Table 4 given below.

– The polynomial is a factor which works as IDS to tracks the hops and nodes pre-
sent on the route and applies the concept of the machine learning to track normal
and misbehaviour in an algorithm proposed by D.Arvind Varma [24]. This ability to
reach to point of misbehaviour but difficult to track exact malicious nodes.
– Implementation of Bloom filter with path signature to track malicious behaviour is
proposed by Danai Chasaki [25]. The approach is complex and requires a lot of cal-
culation even in case of less percentage of malicious nodes in the network.
– Garima Neekhra [26] proposes the behaviour based IDS system which keeps moni-
toring the nodes to detect Gray hole attack on MANET. The IDS main role is to
track the random behaviour of the node. The IDS should be more robust considering
additional parameters for observation.

13
 Table 3  Analysis of related work in TRUST-based solutions
Classification of proposed Proposed related algo- Brief of method Objectives Limitations Proposed method
solutions rithms

Trust and Reputation Trust-based SORT [30] Define concept of peer Consideration of multiple Complex but very efficient Trust calculations has to
Based system satisfaction of every attributes with reputation system but need to define considered application
interaction based on system make the system credibility while consid- based attributes as well as
network attributes more stronger—based ering indirect feedback indirect opinion
on reliability upgrades
some nodes as recom-
mender
Improved Probing Identify and track the Secure communication Periodic probing might
approach for DSR [31] confidentiality of the based on concept of was the biggest overhead
nodes.—To trust or dis- OTP and D-H algorithm
Multidimensional Multi‑Attribute Approach to Counter the…

card nodes, integrity is

evaluated.—Testing uses
end-to-end acknowledge-
ments
T_AODV [32] Node classification Make the routing process Trust value calculations
for measuring their more robust to defend are one-sided so chances
trustworthiness.—Reli- packet drooping attacks of influenced trusting is
ability calculations using more.—Vulnerable for
independent method. cooperative attack
Path length and rating Identify the common inter- Vector of attributes are Rigid for scalability—
based trust [33] est nodes to build trust used to evaluate trust Constrained based net-
chain and avoid infection levels working, limited scope
of solution
1999

13
 2000

13
Table 4  Analysis of related work in IDS-based solutions
Classification of proposed Proposed related algo- Brief of method Objectives Limitations Proposed method
solutions rithms

IDS Voting based IDS [34] Neighbouring nodes vote is Cooperative nodes will Voting can be biased Role based access control
the major factor for veri- able to track and isolate and consideration of cred-
fying nodes reliability the malicious node ibility factor
IDS for improved AODV Hop count and RTT are one dimensional approach, Difficult to track exact hop
[35] combined to use as a less overhead count
parameter for IDS
IDS with Bloom Filter Path signature is used for Path based signature able Dynamic nature will not
[25] filtering and to find mali- to have eyes over misbe- allow to keep the path
cious activity in path haviour value constant—in
MANET topology is
always keep changing so
defining path signature
is very difficult
Hybrid IDS [34] Collaborate the EAACK Hash based data validation Not able to track malicious
based IDS system with is performed node but able detect
SHA256 hash presence of attack—
EAACK put lot of
overhead while reaching
to malicious link than
node
N. R. Marathe, S. K. Shinde
Multidimensional Multi‑Attribute Approach to Counter the… 2001

– The hybrid approach which collaborates the EAACK based IDS system with SHA256
hash-based and RSA, AES based data authentication for detection of malicious nodes
proposed by Vaishnavi Joshi [27]. It does the data validation and in case of mismatch of
signature tries to declare the presence of attack but not reach to the malicious node.

3 Problem Definition

An emerging wireless technology, MANET network, can be deployed in any environment

and at any time in a cost-effective way. It is the network of self-organized nodes which are
mobile in nature. This makes the MANET to adapt the continuous changing topology and
challenge the routing algorithms to implement in such way that in any circumstances it
keeps the network up with minimal delay and packet loss. This force the routing solutions
to have a continuous flow of the control packets among nodes so that routes are updated
frequently to adapt to the dynamic changing topology. The intruders or attackers take
advantage of this approach of routing algorithms and exploits flows in it. The attackers use
the same control packets used by the routing protocols for route establishment to plant the
different kinds of attacks. This make routing protocols even belongs to any of the category
inherently vulnerable to attack. Though it is beneficial to various emergency, military and
transport applications, it is become vital to make routing inherently secure and robust.
The objective set for secure routing in MANET are as follows:

1. To proposed new collaborative approach which will improve the efficiency of existing
routing algorithms to establish the secure path and identify a robust way for the forma-
tion of the secured route in MANET
2. To develop an ACK-based system which is supported by the Trust so that the route
discovery process becomes more robust and secure.
3. To develop the trust management and reputation based solution that will perform the
calculation of the ratings based customized, application-oriented, set of quality of ser-
vice parameters provided while performing transactions. This will support the malicious
node detection and isolation mechanism to identify irresponsible nodes and confine them
from the network.
4. To develop a role-based approach in IDS that will classify the node based on their
behaviour.
5. To propose a novel application-specific method which will analyse the network through
multi-dimensional observer to track exact malicious node.

4 Multi‑dimensional Multi‑attribute Based Approach (MDMA)

The MDMA proposes the real-time solution with less overhead for improvement of ACK
based systems defined in traditional and ITCA method. The support of trust for ACK
based attack detection make the MDMA more robust and efficient. It adapts the attributes
of implemented application environment in trust calculation along with the indirect rec-
ommendations, is the key feature of MDMA. The MDMA method is a multidimesional

13
2002 N. R. Marathe, S. K. Shinde

approach to dignose the attack and reach responsible node to punish it. The dimesnion are
elborated in detail in three section given below

1. Improved Attack Detection phase: Real-time aspect improves the efficiency of algorithm.
2. Node Reliability: Trust Value (trustValN ) : Customised attribute and Consideration of
Indirect trust make it more robust.
3. Role based mechanism: IDS : Supports to penalise the misbehaving nodes

4.1 Improved Attack Detection phase

The existing traditional methods and even ITCA [12] relies on source node to perform
defensive steps which make the system non real-time with slow detection process. ITCA
overburdens the source node whereas the MDMA make the system real-time and involve
every node participating in routing to be responsible for attack discovery and suspicious
node detection. The comparative diagram of the ITCA and MDMA ACK-based system is
given in Fig. 2.
Every intermediate node is expecting the data from previous node as a response to
its RREP(the node is want to be the part of route) control message. This fact is used by
MDMA for identifying the intention of previous node by waiting for 1 amount of time to
receive data. The working of ITCA and proposed improvement in MDMA is explained in

Fig. 2  ACK based solutions a ITCA [12] (traditional systems) versus b MDMA (improved ITCA [11])

13
Multidimensional Multi‑Attribute Approach to Counter the… 2003

more detail in one of our published paper Improved ITCA [11]. The equation for real-time
threshold calculations given in 1. It will be considered as the trigger for initiating the Mali-
cious node Isolation and Detection process.
�
2 ∗ RTT,
∑n
Intial value
DataTimer = (RTT) (1)
2 ∗ k=0n For all future transactions

The RTT is calculated as given in Eq. 2.

RTT = RREPT − RREQT (2)
The transport layer of the network model wait for (3 ∗ RTT) to retransmit the data so with
that consideration in the proposed method even by considering the collision the packet
should be received with (2 ∗ RTT) time. Thus duration DataTimer is justifiable to gener-
ate alert for an attack at initial state. Later for consecutive 10 transactions between source
and destination the average RTT​ is calculated and updated for DataTimer . So whenever the
packet not gets forwarded, the next-hop node alerts about the presence of the attack and
consider the previous-hop node as a suspicious node.

4.1.1 Real‑time Attack Identification: Flow Chart and Algorithm

The above process is stated in algorithm 1 and analysed against the ITCA as shown in
Fig. 3. The flowchart depicts the simplicity of the proposed modification. It drastically
reduces the control packets generated.

Result: Identification of routing Attacks

Initiate RREQ /RREP for path identification;
while Packet Transmission do
To be part of the route, select the node with the role of ”forwarder” or ”Recommender” .;
Keep track over packet forwarding status;
if DataT imer expires then
If a node has not forwarded the data deliberately
View the node as a suspect node and begin the process of identification and isolation of the node .;
end
end
Algorithm 1: Routing Attack identification algorithm

Delay in packet forwarding over and above the defined threshold as stated above by any
node in route, alerts the network for presence of attack and existences of spurious nodes.
The method is extended so that the exact responsible node for abnormal behaviour is dis-
covered and isolated from the network, It is performed by the next phase elaborated further
in the following section.

4.1.2 Concealing the Malicious Node: Flow Chart and Algorithm

The ITCA [12] and nearly all traditional ACK based solutions Improved EAACK [8],
Generic Request-Reply [10], etc., source node has to broadcast the list of suspicious nodes
then every node will check in its vicinity presence of suspicious node this generates a lot of
traffic. Rather in an improved system the only node, which takes part in route, will follow

13
2004 N. R. Marathe, S. K. Shinde

Fig. 3  Comparison of Flowchart for Attack Discovery a traditional ACK-based method b MDMA

the detection process by itself rather than waiting for the source node to declare suspicious
list in case if it perceives the presence of malicious node.
The main purpose of proposing the process of suspicious node detection is to vali-
date node activity as malicious or legitimate. The main intention of proposing the Mali-
cious Node Detection Phase is to confirm the node behaviour as malicious or legitimate.
Neighbouring nodes of suspicious node enquire the route for non-existent node using fake
RREQ. If the suspect node is malicious, the RREP reaction message will certainly be sent
without checking its routing table. If neighboring nodes receive RREP reply for the fake
destination from the suspect node, that node is concluded as malicious. It blacklists the
malicious node, resets its trust values to zero, demotes its position as “USER” and will not
respond to any malicious node-received RREP packet. These nodes are therefore no longer
considered for the establishment of the route.

13
Multidimensional Multi‑Attribute Approach to Counter the… 2005

This will be done by all the nodes involved in the route for every other node from whom
the packets are not received. So the proposed improved method can detect the malicious
node

– whether it is a malicious node so dropped all packets

– or the previous node of that node might have not forwarded any packets.

in either of cases, if the node replies to fake RREQ it is concluded that it is malicious.
The confirmation of the suspect node as malicious and concealed it from network is
done by the algorithm 2 and shown in flowchart 4.

Result: Malicious Node Identification and Isolation

initialization;
if suspicious node alert then
Check node Precursor List For Suspicious Node;
if Entry Found then
Create RREQ Packet With Fake Destination;
Send fake destination RREQ Packet with 1 Hop TTL;
if RREP Received then
Blacklist the Node, reduce its Trust Value to zero and do not respond to RREP from such nodes.;
end
end
end
Algorithm 2: Steps to Identify Malicious node

The MDMA method elaborated till now defines defense against one way of attempting
an attack which takes the advantage of flaws in routing mechanism and plant attack. But
there are multiple other ways of attempting an attack. So just to believe on one dimension
of detection is half secure so the other way or dimension which detects more sophisticated
attacks, which not get detected by the first dimension defined in this section, are get tracked
by “Trust-Based Approach” given in next section.

4.2 Node Reliability: Trust Value (trustValN)

The reliability of a node can be verified by monitoring its behaviour. The transaction
history of a node defined in terms of trust value justifies the reliability of the nodes. The
bifurcation of roles based on trust value help to isolate infected nodes from the route.
The range of trust values is defined and mapped to the role according to rule explained
in IDS. When considering a single attribute, confidence calculations can be made sim-
pler, but it can be made stronger when adding more attributes for direct trust calcula-
tion. In basic trust calculations defined in ITCA [12] as given by Eq. 3 [12] all nodes
are configured as “Forwarder” with defined trust value as 0.4 which will be updated
dynamically based on node reputation.

⎧ 0.4, By default
⎪
trustValN = ⎨ trustValN + 0.04, 𝐈𝐟 DPFR ≥ 0.7 (3)
⎪ trustValN − 0.08, otherwise
⎩

where DPFR is the data packet forwarding ratio.

13
2006 N. R. Marathe, S. K. Shinde

Fig. 4  Flowchart for Malicious Node Detection

The basic Eq. 3 of trust calculation will not consider the neighbouring node opinion that
is indirect trust which is equally important to avoid collaborative attacks. The indirect trust
value given by the participating node with the credibility factor of that node is also part of
the final trust calculation that is TEval in the modified trust equation as given below 4.

13
Multidimensional Multi‑Attribute Approach to Counter the… 2007

⎧ 0.4, By default
⎪
trustValN = ⎨ trustValN + 0.04, 𝐈𝐟 TEval ≥ 0.7 (4)
⎪ trustValN − 0.08, otherwise
⎩

where trustEval given by Eq. 5

trustDirect
TEval =
trustIndirect ∗ CredibilityNode (5)

4.2.1 Direct Trust Calculations

The modification proposed an attribute-based solution for trust calculation as well as a

factor by which method can validate or control the rating given to the node. Feedback of
next-hop node based on forwarded data is the key factor in Reputation-based system. The
proposed method use multi-attribute vector to represent reputation value known as Sval for
more accurate and genuine results. Along with the duration factor, this value is used to
calculate the trustDirect parameter after every transaction. Let trustDirect(x, y) denotes an
evaluation given by participant x for y for performed transaction, trustDirect then can be
computed as 6.
trustDirect = w1 ∗ (Sval ) + w2 ∗ (Deliverytimeratio ) (6)
Where,the flexibility of choosing the more important attribute can be given by adjusting
the weights assigned to it but it should be bound to w1 + w2 = 1.
Satisfaction Value: Sval
∑
n
Sval = (Wk )ak (7)
k=0

The application oriented generalisation of the attributes ak is possible using Sval 7 equation
with flexibility of deciding priority using weights Wk.
Delivery time ratio: Deliverytimeratio
DeliverAct
Deliverytimeratio =
DeliveryExp (8)

Assuring timely delivery using Deliverytimeratio .

4.2.2 Indirect Trust Calculation

The direct trust calculations are based on the parameters measured by the node itself and
considered for the trust calculation. This might be manipulated by the node to increase its
trust value. So rather relying on just direct trust calculations, the indirect trust given by
neighbours can be used as a check against spurious calculations. For this, every node inti-
mates the forwarded packet details to two-hop nodes which intern use it for trust calcula-
tions of the previous node. So the received packet attributes are compared with the details
forwarded by two-hop nodes to measure the reliability of the node as shown in Fig. 5
depicted in Eq. 9.

13
2008 N. R. Marathe, S. K. Shinde

( )
Sval2Hop ( )
trustIndirect = 𝛽 ∗ + 𝛼 ∗ Deltimeratio (9)
Svalactual

Where, 𝛽 + 𝛼 = 1 are the weights assigned to the attributes ratio of Sval2Hop and Svalactual
calculated by Eq. (7) and Deltimeratio as given in Eq. (10).
The Sval2Hop calculated by Eq. (7) by considering the parameters forwarded by two hop
node.
Whereas Svalactual calculated by same Eq. (7) but based on parameters of received pack-
ets from previous nodes.
Delivery time ratio :- Deliverytimeratio
DeliverAct
Deltimeratio =
DeliveryExpTwoHop (10)

It is the ratio of the ensured delivery time calculated based on details forwarded by two hop
node vs actual delivery time of the product.
Trust calculations are used as a measure for proposing the categorization of nodes
based on their roles and consideration of calculated indirect trust using credibility factor.
Whereas the defined set of policies over performed reputation calculations plays the role of
defining legitimate or misbehaviour of a node, as defined in next section IDS.

4.3 Role Based Mechanism: IDS

Observation recorded in terms of trust value has to be channelized by the proper role-based
ruling system so that the routing process can be more secure and robust is done by pro-
posed Role based mechanism. Any kind of suspicious activity gets tracked by IDS and
helps to isolate the responsible malicious node from being part of the route.
The proposed Role-based mechanism: IDS classifies the nodes based on the measurable
unit of Trust Value in the range of 0 to 1. In addition to predefined rules, this method pro-
poses the use of credibility factor while consideration of indirect trust.

1. Recommender: Most trusted nodes in the network, suggestions about next-hop nodes
towards a particular destination given by these nodes has given highest priority for
consideration in route establishment.

Fig. 5  Indirect Trust Calculations

13
Multidimensional Multi‑Attribute Approach to Counter the… 2009

2. Forwarder: Node has to be at least qualified to this level to take part in route. These
nodes can take part in route establishment but also get observed for malicious activity
as has maximum chances of exposure for an attack.
3. User : The node which will not perform consistently or find for misbehaviour are pun-
ished by degrading their trust values. These nodes can request to establish a route for
forwarding their data but cannot take part in any route for data forwarding of other nodes
under the controlled environment of the number of requests generated per duration to
avoid attempting DOS attacks.

All the nodes are initialized with the trust value of 0.4 as there has to be forwarder in the
network to establish any route. Further, the node will become more trustworthy if it shows
consistency in data delivery measured by a gradually increasing graph of its trust value by
0.04 with certain rules gives as below

(1) with role as a Recommender: Expected to accomplish 80% consistency.

(2) with role as a Forwarder: Expected to accomplish 70% consistency.
(3) with role as User: In case of malicious behaviour get detected trust value decreases with
double that is 0.08 even for one bad transaction. So such degradation in performance
may tend to fall trust of node and force to change its role as “User” that is it can no more
take part in route. This real-time isolation is becoming the key factor for improvement
in data delivery.

Node Credibility (Credibilitynode) :- It is considered for final trust calculation for measuring
the credibility of feedback given by neighbouring node in terms of indirect trust. So rather
just believing or considering trust value as given by next hop node, it will be weighted
against it’s nodes trustworthiness as elaborated in Eq. 11
{
0.8, If Recommender
CredibilityNode =
0.4, If Forwarder (11)

Performance of the proposed method MDMA is measured by implementing it on Qualnet

5.1 simulator discussed in the following section.

5 Experiment Work and Results

The implementation results of the proposed MDMA is compared and analysed with exist-
ing methods given below

1. ITCA [12]
2. Improved EAACK [8]
3. Generic Request/Reply method [9]
4. TWO-ACK [7]
5. AODV [3]

The graph based on standard parameters are considered for measuring effectiveness of the
MDMA against existing solutions. The simulation for testing proposed method MDMA

13
2010 N. R. Marathe, S. K. Shinde

is created using Qualnet5.1 by configuring 40 nodes in the environment of 1500 × 1500

meter area as shown in Fig. 6. The 10 pairs of sender and receiver nodes are configured to
run a CBR application agent for 100 packets. The efficiency and effectiveness of MDMA
are tested against an increasing proportion of malicious nodes with respect to legitimate
nodes that is from 0 to 50%.
Packet Drop: - The main target of an attack is to reduce the packet delivery so that the
service provided by any node is get affected. So for improvement in the packet delivery, it
is necessary to identify the malicious nodes at earliest to reduce packet drop percentage.
MDMA proposes the real-time ACK based solution which detects and isolate the malicious
nodes present in the route of the ongoing transaction so that the packet drop percentage is
reduced. This approach finds successful in detecting inherent malicious nodes at earliest for
any ongoing transactions over other existing methods or even ITCA as clearly shown in the
graph given in Fig. 7. Every node in the route is involved in the process of secure routing,
that helps to speed up the detection of an attack and selfish nodes. Later the isolated nodes
are blacklisted so that further it will not be considered while the formation of the route.
PDR: - The proposed method can be said as well defined if it improves the packet
delivery. The service quality of any system is measured against its effective data deliv-
ery. The real-time and trust supportive approach of MDMA succeeds in keeping the
selfish nodes away from the route is reflected in the graph of PDR shown in Fig. 8.
PDR in normal circumstances reaches 90% whereas greater than 60% PDR is achieved
even in case of more than fifty percent nodes are malicious. While comparing with even
ITCA, it shows a slight improvement in PDR but with less overhead. The comparison
with other existing systems clearly shows the improvement in packet delivery. This will
be the major achievement of the proposed system which improves the performance.

Fig. 6  Topology used in simulation

13
Multidimensional Multi‑Attribute Approach to Counter the… 2011

Fig. 7  Analysis over Packet Drop percentage

Fig. 8  Analysis over Packet Delivery Ratio

End-to-End Delay:- The overall delay is a measure of adaptability about overhead

inured because of suggested improvement, but reduced control packets, in the proposed
system shown in graph 9. MDMA tries to make the Attack detection and Isolation pro-
cess more simpler and real-time which suppresses the required time, delay in the isola-
tion process and also compensates additional time utilized for bit complex interdepend-
ent trust calculation process. Still delay is a bit more in case of more malicious nodes
in the network than even ITCA but comparatively packet delivery slight better whereas
demands use of fewer control packets. Both proposed systems increase the delay over
other existing methods but it is because it delivers more than 60% packet even in case of
the dominant number of infected node in the network.
Control Packets : - MDMA suppress the overhead by reducing requirement of con-
trol packets as shown clearly by graph in Fig. 10. The MDMA mechanism avoids the

13
2012 N. R. Marathe, S. K. Shinde

Fig. 9  Analysis over End-to-End Delay

Fig. 10  Analysis over Control Packets

involvement of source node for tracking packet forward count and suspicious node.
Rather every node is responsible for tracking the packet delivery and suspect in the
route. This reduces the number of control packets generated than in ITCA. The graph
includes the total number of control packets used in the implementation of an existing
and proposed system such as default control packets like RREQ, RREP, RERR, and
additional control packets generated by MDMA and ITCA. It tries to detect the selfish
nodes at a very early stage of routing and once detected needs to be intimated to other
nodes about such blacklisted nodes so that it can be completely isolated from the net-
work and resists it from being part of any route, this definitely increases some overhead.
As done in other ACK based proposed system MDMA also uses additional fake RREQ
packets for tracking infected node but avoids the source-based attack detection process
which reduces the generation of additional control packets.

13
Multidimensional Multi‑Attribute Approach to Counter the… 2013

6 Conclusion and Future Scope

The proposed modification in ITCA named as MDMA can detect malicious node through
rigorous evaluation of node by ACK-based real-time node isolation process supported by
direct, indirect and multi attribute-based trust mechanism and in controlled monitoring
approach of IDS. The modification in existing ACK-based solution incorporated in both
methods makes routing inherently secure. It works efficiently even in case of a collabo-
rative attack. As the malicious node detection algorithm will get initiated only when the
misbehaviour gets sensed that is when an attack gets tracked, this suppresses the number
of control packets generated and thus reduce overhead. The implementation of the cur-
rent project successfully insulates infected nodes through multiple attributes-based trust
calculation supported for ACK-based approach with multiple dimensions and isolate the
detected node from being a part of any path in the future. So the effect of which the system
will become more robust against random behaviour, selfish nodes, flooding or even col-
laborative attacks. Consideration of additional attributes with application-oriented struc-
ture gives flexibility and makes the proposed solution more generalized. The inclusion of
the credibility factor along with the indirect trust of the node will give the proper justice
to the trust calculations. Overall the route discovery process is more secured, trust calcula-
tions are robust and IDS keeps the malicious nodes away from the path while doing proper
justice with honest nodes.
The current research is focused mainly on making the routing process inherently
secured. The modifications incorporated as real-time ACK-based solution, Adaptive trust-
based solution and role-based IDS solution perform well. The scope of the work is cur-
rently restricted till the routing process, it can be extended by incorporating the data trans-
mission security with cryptography solutions. The hash of the attributes can be included in
the current proposal as future work to validate the transmission and make the system more
robust. Even this mechanism can be utilized for incentives given to nodes. So it can have a
deeper analysis of security constraints to have a solution which can defend attacks at all the
layers.

References
1. Kunavut, K. (2014). Performance and comparative analysis of energy consumption for mobile ad hoc
routing protocols. In 2014 14th International Symposium on Communications and Information Tech-
nologies (ISCIT), pp. 76–79. https​://doi.org/10.1109/ISCIT​.2014.70118​73.
2. Samara, C., Karapistoli, E., & Economides, A. A. (2012). Performance comparison of MANET rout-
ing protocols based on real-life scenarios. In IV International Congress on Ultra Modern Telecommu-
nications and Control Systems, 2012, 870–877. https​://doi.org/10.1109/ICUMT​.2012.64597​84.
3. Gupta, R., & Jain, C. (2011). Mobile Adhoc network(MANETS): Proposed solution to security related
issues. Indian Journal of Computer Science and Engineering (IJCSE), 2(5), 738–746.
4. Shakshuki, E. M., Kang, N., & Sheltami, T. R. (2013). EAACK x2014; A secure intrusion-detection
system for MANETs. IEEE Transactions on Industrial Electronics, 60(3), 1089–1098. https​://doi.
org/10.1109/TIE.2012.21960​10.
5. Sheltami, T., Al-Roubaiey, A., Shakshuki, E., & Mahmoud, A. (2009). Video transmission enhance-
ment in presence of misbehaving nodes in MANETs. Multimedia Systems, 15(5), 273–282. https​://doi.
org/10.1007/s0053​0-009-0166-0.
6. Sandhiya, D., Sangeetha, K., & Latha, R. (2014). Adaptive ACKnowledgement technique with key
exchange mechanism for MANET. In 2014 International Conference on Electronics and Communica-
tion Systems (ICECS), 2014, pp. 1–5. https​://doi.org/10.1109/ECS.2014.68927​33.

13
2014 N. R. Marathe, S. K. Shinde

7. Balakrishnan, K., Deng, J., & Varshney, V. K. (2005). TWOACK: Preventing selfishness in mobile
ad hoc networks. In IEEE Wireless Communications and Networking Conference, 2005, Vol. 4, pp.
2137–2142. https​://doi.org/10.1109/WCNC.2005.14248​48.
8. Patil, A., Marathe, N., & Padiya, P. (2015). Improved EAACK scheme for detection and isolation
of a malicious node in MANET. In International Conference on Applied and Theoretical Comput-
ing and Communication Technology (iCATccT), 2015, pp. 529–533. https​://doi.org/10.1109/ICATC​
CT.2015.74569​41.
9. Bhagat, S., Padiya, P., & Marathe, N. (2017). A generic request/reply based algorithm for detection
of black hole attack in MANET: Simulation result. In 2017 8th International Conference on Com-
puting, Communication and Networking Technologies (ICCCNT), Vol. 00, 2017, pp. 1–7. https​://
doi.org/10.1109/ICCCN​T.2017.82040​58.
10. Bhagat, S. P., Padiya, P., & Marathe, N. (2017). A generic request/reply based algorithm for detec-
tion of black hole attack in MANET. In International Conference On Smart Technologies For Smart
Nation (SmartTechCon), 2017, 1044–1049. https​://doi.org/10.1109/Smart​TechC​on.2017.83585​29.
11. Marathe, N. R., & Shinde, S. K. (2020). Improved itca method to mitigate network-layer
attack in manet. In: Jain, L. C., Tsihrintzis, G. A., Balas, V. E., & Sharma, D. K. (Eds.)
Data communication and networks. Springer, Singapore, 2020, pp. 245–253. https​://doi.
org/10.1007/978-981-15-0132-6_16.
12. Marathe, N., & Shinde, S. K. (2019). ITCA, an IDS and trust solution collaborated with ACK based
approach to mitigate network layer attack on MANET routing. Wireless Personal Communications,
107(1), 393–416. https​://doi.org/10.1007/s1127​7-019-06282​-5.
13. Niemegeers, I., & Heemstra de Groot, S. (2002). From personal area networks to personal net-
works: A user oriented approach. Wireless Personal Communications, 26, 175–186. https​://doi.
org/10.1023/A:10199​12421​877.
14. Majumdar, A., & Banerjee, S. (2015). Different secured routing protocols for mobile Ad Hoc net-
works and its vulnerabilities: A review. In International Conference and Workshop on Computing
and Communication (IEMCON), 2015, 1–5. https​://doi.org/10.1109/IEMCO​N.2015.73444​53.
15. Moudni, H., Er-rouidi, M., Mouncif, H., & Hadadi, B. E.(2016). Modified AODV routing protocol
to improve security and performance against black hole attack. In 2016 International Conference
on Information Technology for Organizations Development (IT4OD), 2016, pp. 1–7. https​://doi.
org/10.1109/IT4OD​.2016.74792​65.
16. Singh, G., Rishi, R., & Rohil, H. (2016). Secure routing in MANETs using three reliable matrices.
In 2016 3rd International Conference on Computing for Sustainable Global Development (INDI-
ACom), 2016, pp. 880–884.
17. Khan, S. M., Nilavalan, R., & Sallama, A. F. (2015). A novel approach for reliable route discov-
ery in mobile ad-hoc network. Wireless Personal Communications, 83(2), 1519–1529. https​://doi.
org/10.1007/s1127​7-015-2461-8.
18. Yadav, S., Trivedi, M. C., Singh, V. K., & Kolhe, M. L. (2017). Securing AODV routing proto-
col against black hole attack in MANET using outlier detection scheme. In 2017 4th IEEE Uttar
Pradesh Section International Conference on Electrical, Computer and Electronics (UPCON),
2017, pp. 1–4. https​://doi.org/10.1109/UPCON​.2017.82510​12.
19. Alsumayt, A., & Haggerty, J. (2014). A survey of the mitigation methods against DoS attacks
on MANETs. In Science and Information Conference, 2014, 538–544. https​://doi.org/10.1109/
SAI.2014.69182​39.
20. Usman, A. B., & Gutierrez, J. (2018). DATM: A dynamic attribute trust model for efficient collabo-
rative routing. J. Ann Oper Res.https​://doi.org/10.1007/s1047​9-018-2864-5.
21. Saini, R., & Gautam, R. K. (2011). Establishment of dynamic trust among nodes in mobile ad-
hoc network. In International Conference on Computational Intelligence and Communication Net-
works, 2011, 346–349. https​://doi.org/10.1109/CICN.2011.73.
22. Cai, R. J., Li, X. J., & Chong, P. H. J. (2019). An evolutionary self-cooperative trust scheme against
routing disruptions in MANETs. IEEE Transactions on Mobile Computing, 18(1), 42–55. https​://
doi.org/10.1109/TMC.2018.28288​14.
23. Nadeem, A., & Howarth, M. P. (2013). A survey of MANET intrusion detection and prevention
approaches for network layer attacks. IEEE Communications Surveys Tutorials, 15(4), 2027–2045.
https​://doi.org/10.1109/SURV.2013.03071​3.00201​.
24. Varma, D. A., & Narayanan, M. (2016). Identifying malicious nodes in mobile ad-hoc networks
using polynomial reduction algorithm. In 2016 International Conference on Electrical, Electron-
ics, and Optimization Techniques (ICEEOT), 2016, pp. 1179–1184. https​://doi.org/10.1109/ICEEO​
T.2016.77548​70.

13
Multidimensional Multi‑Attribute Approach to Counter the… 2015

25. Chasaki, D. (2014). Identifying malicious behavior in MANET through data path information. In 2014
International Conference on Computing, Networking and Communications (ICNC), 2014, pp. 567–
572. https​://doi.org/10.1109/ICCNC​.2014.67853​98.
26. Neekhra, A. V. A. C., & Garima, & Patel, S. . (2014). Effect of grayhole attack with Ids technique for
AODV routing protocol using network simulator. International Journal of Advanced Research in Com-
puter Engineering and Technology (IJARCET), 3, 4184–4190.
27. Joshi, V. B., & Goudar, R. H. (2017). Intrusion detection systems in MANETs using hybrid techniques.
In International Conference on Smart Technologies for Smart Nation (SmartTechCon), 2017, 534–538.
https​://doi.org/10.1109/Smart​TechC​on.2017.83584​29.
28. Sasirekha, D., & Radha, N. (2017). Secure and attack aware routing in mobile ad hoc networks against
wormhole and sinkhole attacks. In 2017 2nd International Conference on Communication and Elec-
tronics Systems (ICCES), 2017, pp. 505–510. https​://doi.org/10.1109/CESYS​.2017.83211​28.
29. Yasin, A., & Zant, M. A. (2018). Detecting and isolating black-hole attacks in MANET using timer
based baited technique. Hindawi, Wireless Communications and Mobile Computing, 2018, 10. https​://
doi.org/10.1155/2018/98121​35.
30. Can, A. B., & Bhargava, B. (2013). SORT: A self-organizing trust model for peer-to-peer systems.
IEEE Transactions on Dependable and Secure Computing, 10(1), 14–27. https​://doi.org/10.1109/
TDSC.2012.74.
31. Bouabana-Tebibel, T., Tebibel, N., & Zemmouri, S. (2014). A trust-based probing to secure data rout-
ing. In: 2014 International Conference on Advances in Computing, Communications and Informatics
(ICACCI), 2014, pp. 1592–1597. https​://doi.org/10.1109/ICACC​I.2014.69684​50.
32. Sharma, A., Bhuriya, D., Singh, U., & Singh, S. (2014). Prevention of black hole attack in AODV rout-
ing algorithm of MANET using trust based computing. https://doi.org/10.1.1.640.2105.
33. Wang, J., Liu, Y., & Jiao, Y. (2011). Building a trusted route in a mobile ad hoc network consider-
ing communication reliability and path length. Journal of Network and Computer Applications 34(4):
1138–1149, advanced Topics in Cloud Computing. https​://doi.org/10.1016/j.jnca.2010.11.007. http://
www.scien​cedir​ect.com/scien​ce/artic​le/pii/S1084​80451​00020​55
34. Ahmed, M., & Hussain, M. A. (2014). Performance of an IDS in an Adhoc network under black hole
and gray hole attacks. In International Conference on Electronics, Communication and Instrumenta-
tion (ICECI), 2014, pp. 1–4. https​://doi.org/10.1109/ICECI​.2014.67673​77.
35. Patidar, K., & Dubey, V. (2014). Modification in routing mechanism of AODV for defending blackhole
and wormhole attacks. In 2014 Conference on IT in Business, Industry and Government (CSIBIG),
2014, pp. 1–6. https​://doi.org/10.1109/CSIBI​G.2014.70569​76.

Publisher’s Note Springer Nature remains neutral with regard to jurisdictional claims in published maps and
institutional affiliations.

Nilesh Marathe received B.E in Computer Engineering from Marath-

wada University in July 2001, M. E. in Computer Engineering from
Mumbai University in March 2011 and Ph.D in Computer Engineering
from University of Mumbai in March 2020.He is presently holding
position of Associate Professor in Information Technology at Ramrao
Adik Institute of Technology, Nerul, Navi Mumbai. He has published
about 35 papers in International and National Journals and Confer-
ences. He has guided 15 PG students and 3 are ongoing and life mem-
ber of, Indian Society for Technical Education (ISTE). His research
area includes Network Security, QoS in Network, VANET Security.

13
2016 N. R. Marathe, S. K. Shinde

Dr. Subhash K. Shinde has received B.E degree in Computer Engineer-

ing from Marathwada University in July 1999 , M. E. Degree in Infor-
mation Technology from Mumbai University in Jan. 2005 and Ph.D
from S.G.G.S. College of Engineering & Technology Nanded, affili-
ated to Swami Ramanand Teerth Marthwada University Nanded in
October, 2012. He is presently holding position of Professor in Com-
puter Engineering and Vice-Principal at Lokmanya Tilak College of
Engineering, Navi Mumbai. He is working as Chairman, Board of
Studies in Computer Engineering under Faculty of Technology, Uni-
versity of Mumbai, and Member of the Academic Council, BUTR,
RRC, of University of Mumbai from 1st July 2015 to till date. Also
Member of Board of Study in Information Technology under Faculty
of Engineering Technology of Pune University from 1st July 2015 to
till date and member of the Board of Study in Information Technology
under the Faculty of Technology, University of Mumbai, 1st July 2014
to till date. He has published about 35 papers in International and
National Journals and Conferences. He has written 3 books through
reputed publisher. Under his supervision five research scholars are working towards their PhD. He has
guided 30 PG students (ME) and 3 are ongoing. He is a life member of, Indian Society for Technical Educa-
tion (ISTE), Computer Society of India (CSI) and International Association of Computer Science and Infor-
mation Technology (ASCIT). He is reviewer of reputed journal like International Journal Big Data,
Springer, and Expert System with Application, Elsevier publication. He is actively involved on many Uni-
versity aimed at designing syllabus revision for UG and PG programme as well as working as member of
academic advisor committee.

13