International Journal of Computer Applications (0975 – 8887)
Volume 129 – No.6, November 2015

Trust based Data Plane Security Mechanism for a Mobile Ad hoc Network through Acknowledgement Reports

Shirina Samreen, Research Scholar, Dept. of Computer Science, JNTUH College of Engineering, Kukatpally, Hyderabad, A.P., India
G. Narsimha, PhD, Associate Prof., Dept. of Computer Science, JNTUH College of Engineering, Nachupally, Kondagattu, Karimnagar, A.P., India

ABSTRACT
A malicious packet drop attack on the data plane of a MANET involves malicious nodes dropping data packets after route formation. This paper proposes a security mechanism to detect nodes that behave correctly during the route establishment phase and then drop data packets during the data transmission phase. Detection is based upon a trust management framework that represents trust using Dempster-Shafer theory. The design of the trust management framework has been covered in earlier works; the current work focuses upon its application to the design of a novel security mechanism. Trust is computed from the forwarding behavior represented by acknowledgement reports submitted to the source node, and the composition of a report ensures that the source node can verify its authenticity. The source node updates the trust of the intermediate nodes at the end of a session, which facilitates secure route formation through the proposed mechanism. The efficiency and accuracy of the proposed security mechanism are validated using the ns2 network simulator, and the experimental results show that the proposed mechanism outperforms the other schemes.

General Terms
Mobile Ad hoc Networks, Data Plane Security.

Keywords
Acknowledgement Reports, Packet Droppers, Trust Management Framework, Reward Factor, Punishment Factor.

1. INTRODUCTION
Malicious packet dropping in a MANET occurs when a node has been compromised by an adversary and intends to disrupt network performance by simply dropping packets instead of forwarding them. A security mechanism known as the Anti-Blackhole mechanism, proposed in [1], addresses packet dropping at the control plane, wherein the adversary forcibly acquires a route by manipulating the sequence number and hop count values of the routing packets and then drops the data packets. The approach requires the deployment of special IDS (Intrusion Detection System) nodes which perform promiscuous neighborhood monitoring to determine the difference between the number of RREQ packets and the number of RREP packets forwarded by a node; this difference yields a suspicion value based upon which the node is declared malicious. The need for dedicated IDS nodes is the main drawback of that scheme. An approach for the detection of malicious packet dropping at the data plane is proposed in [2]. It employs IDS nodes which are assumed to be trusted and which switch into promiscuous mode to monitor the data forwarding activity once malicious behavior is suspected. The approach has the following limitations. It requires special IDS nodes that are assumed to be always trusted; in an open environment like a MANET it is difficult for any node to remain trusted for long, since any node may eventually be compromised by an adversary. Promiscuous monitoring consumes more energy and produces false alarms in the case of receiver collisions and ambiguous collisions. It also imposes a placement requirement on the IDS nodes: each IDS node must always be a neighbor of some other IDS node, which in a mobile ad hoc network means that the IDS nodes have restricted mobility.
Attack discovery in [2] is based upon probing by the destination node: each intermediate node responds with a count of the data packets it has forwarded. A simple count of forwarded packets is prone to manipulation, since the destination cannot verify its authenticity. The paper also does not describe how the attack discovery process handles link breaks. The proposed security mechanism aims to detect and isolate malicious packet droppers while overcoming the limitations of the approach in [2]. Firstly, it does not need any special trusted IDS nodes. Secondly, it employs an acknowledgement-based approach rather than promiscuous monitoring, so as to conserve the energy of the nodes; the control overhead usually associated with acknowledgement-based approaches is reduced by using a session-based acknowledgement report rather than per-packet acknowledgements. Thirdly, it employs a trust model based upon Dempster-Shafer theory through which the source node computes subjective trust, and the trust model facilitates the composition of the malicious list. Fourthly, malicious behavior is detected through acknowledgement reports composed such that the source node can verify their authenticity. Lastly, the proposed mechanism has a clearly defined way of dealing with link breaks which
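As an added illustration of the session acknowledgement-report idea sketched in the abstract (example code written for this page, not the authors' implementation and not taken from ns2), the following Python contrasts a bare forwarded-packet count, which anyone can fabricate, with a report the source can authenticate, and then runs a Dempster-Shafer trust update at the source at the end of a session. Everything not stated on the page is an assumption: each node shares a symmetric key with the source, the report tag is HMAC-SHA256 over (session id, node id, received, forwarded), a node's credited forwarded count is capped by what its next hop reports receiving under its own key, each session commits a weight of 0.8 of its belief, and a node whose mass on "dropper" exceeds 0.5 goes on the malicious list. Node names, keys and packet counts are constructed.

```python
"""Added example, not the paper's code: an authenticated session
acknowledgement report, the downstream cross-check that stops a node from
inflating its own forwarded count, and the Dempster-Shafer trust update the
source runs at session end.  Assumed, not stated on the page: a symmetric key
per node shared with the source, HMAC-SHA256 over (session, node, received,
forwarded) as the report tag, and 0.8 as the belief each session commits."""
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class Mass:
    """Frame {T, D}: t = m({T}) trustworthy, d = m({D}) dropper, u = m({T, D})."""
    t: float
    d: float
    u: float

def combine(m1: Mass, m2: Mass) -> Mass:
    """Dempster's rule of combination; T-vs-D conflict is renormalised away."""
    norm = 1.0 - (m1.t * m2.d + m1.d * m2.t)
    if norm <= 0.0:
        raise ValueError("total conflict: evidence cannot be combined")
    return Mass((m1.t * m2.t + m1.t * m2.u + m1.u * m2.t) / norm,
                (m1.d * m2.d + m1.d * m2.u + m1.u * m2.d) / norm,
                (m1.u * m2.u) / norm)

def session_evidence(received: int, forwarded: int, weight: float = 0.8) -> Mass:
    """Forwarded share rewards T, dropped share punishes D, rest is uncertain."""
    if received <= 0:
        return Mass(0.0, 0.0, 1.0)
    ratio = min(forwarded, received) / received
    return Mass(weight * ratio, weight * (1.0 - ratio), 1.0 - weight)

@dataclass(frozen=True)
class AckReport:
    session_id: int
    node_id: str
    received: int
    forwarded: int
    tag: bytes  # HMAC over the other four fields under the node's key

def _report_bytes(session_id, node_id, received, forwarded) -> bytes:
    return f"{session_id}|{node_id}|{received}|{forwarded}".encode()

def make_report(key, session_id, node_id, received, forwarded) -> AckReport:
    """Node side: bind the counts to this session under the node's key."""
    tag = hmac.new(key, _report_bytes(session_id, node_id, received, forwarded),
                   hashlib.sha256).digest()
    return AckReport(session_id, node_id, received, forwarded, tag)

def verify_report(keys: dict, report: AckReport, session_id: int) -> bool:
    """Source side: only the key holder can produce the tag (unlike a bare
    count) and a stale session id rejects a replayed report."""
    key = keys.get(report.node_id)
    if key is None or report.session_id != session_id:
        return False
    expected = hmac.new(key, _report_bytes(report.session_id, report.node_id,
                                           report.received, report.forwarded),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, report.tag)

def update_trust(keys, trust, path, reports, session_id, sent, threshold=0.5):
    """Source-side update at session end.  path = intermediate nodes then the
    destination; reports maps node id -> AckReport.  A node's credited
    forwarded count is capped by what its next hop (under its own key) says
    it received; a missing or unverifiable report counts as forwarding 0."""
    ok = {n: r for n, r in reports.items() if verify_report(keys, r, session_id)}
    trust, malicious = dict(trust), []
    for i, node in enumerate(path[:-1]):  # the destination is not rated
        if node not in ok:
            ev = session_evidence(sent, 0)
        else:
            forwarded, nxt = ok[node].forwarded, path[i + 1]
            if nxt in ok:
                forwarded = min(forwarded, ok[nxt].received)
            ev = session_evidence(ok[node].received, forwarded)
        trust[node] = combine(trust.get(node, Mass(0.0, 0.0, 1.0)), ev)
        if trust[node].d > threshold:
            malicious.append(node)
    return trust, malicious

def run_demo():
    """Constructed scenario: S -> A -> B -> C(dest), 100 packets per session.
    B drops 60 in both sessions; in session 2 it claims it forwarded all 100,
    but C's authenticated report says it received only 40."""
    keys = {"A": b"key-A", "B": b"key-B", "C": b"key-C"}  # constructed keys
    path, trust = ["A", "B", "C"], {}
    s1 = {"A": make_report(keys["A"], 1, "A", 100, 100),
          "B": make_report(keys["B"], 1, "B", 100, 40),
          "C": make_report(keys["C"], 1, "C", 40, 40)}
    trust, mal1 = update_trust(keys, trust, path, s1, 1, 100)
    s2 = {"A": make_report(keys["A"], 2, "A", 100, 100),
          "B": make_report(keys["B"], 2, "B", 100, 100),  # inflated claim
          "C": make_report(keys["C"], 2, "C", 40, 40)}
    trust, mal2 = update_trust(keys, trust, path, s2, 2, 100)
    return trust, mal1, mal2
```

Running `run_demo()` shows the punishment accumulating: after session 1 B carries m(D) = 0.48 and is not yet listed, and after session 2, where its inflated claim is capped by C's report, Dempster's rule pushes m(D) above 0.6 and B is placed on the malicious list while A's m(T) climbs to 0.96. Two caveats belong with this simplification. The HMAC only proves who produced a report and for which session; a dishonest node can still under-report its own received count to push the apparent drop onto its upstream neighbor, and packets lost to a link break are indistinguishable here from packets dropped on purpose. The paper states that the report composition lets the source verify authenticity and that link breaks are handled explicitly, but this page does not describe either detail, so the example does not attempt to reproduce them.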