A Study on Improving Secure Routing Performance Using Trust Model in MANET

the


Introduction
MANET is a network consisting of only mobile nodes without a fixed infrastructure. It does not require a wired network, access point, and base station in the process of configuring the network. It can be constructed quickly at a low cost because there is no restriction on host movement [1][2][3]. e utilization range of MANET has been used in situations where network configuration is difficult, by the rapid development of wireless networks and the spread of mobile terminals. e mobile nodes composing MANET do not only perform the transmission and reception of data that the existing host performs but also act as routers. In route settings, it can support multipathing to neighbor nodes and perform routing dynamically because the mobile nodes act as routers [4,5]. However, it is exposed to many security vulnerabilities due to the nature of the dynamic topology and the wireless network by the movement of nodes. In order to solve the problem, various routing techniques for stable data transmission and reception between nodes have been studied. In the existing routing protocol studied, the demand-based AODV protocol has shown excellent performance in various mobility pattern, density, and traffic. However, there is a problem that the number of control packets increases in order to maintain the routing to the destination. Also, it has been studied on various routing attacks by malicious nodes. In order to cope with such a routing attack, the technique that uses the reliability of mobile nodes participating in routing or involves authentication nodes to routing by issuing certificates to mobile nodes has been studied. In particular, if packet loss or route connection failure occurs by various attacks existing on the route, it will take a long time to reconstruct a new path from the source node to the destination node, the number of control packets increases and the resulting overhead is also increased. erefore, the study on safer and more efficient secure routing techniques is necessary in order to increase the reliability of MANET [6,7].
In this paper, we propose a trust model-based secure routing technique to improve the efficiency of the trust evaluation and the performance of secure routing problem of security routing in the existing studies. is technique consists of the trust evaluation step and security routing step. In the trust evaluation step, a hierarchical structure is applied to increase the efficiency of the reliability measurement for each node. In the security routing step, the security communication function through the routing based reliability and key exchange is provided in order to security routing performance. e main function of the proposed technique is secure data communication through security routing based on reliability evaluation of nodes and the detection of anomaly node through traffic and Destination Sequence Number (DSN) check. e proposed technique uses cluster hierarchy to improve the reliability evaluation efficiency. e reliability evaluation is performed by measuring the packet forwarding rate of the neighbor nodes of all nodes. e trust management node manages the measured reliability of the mobile nodes in each cluster and the measured reliability is used to set a route between the source and destination node. For secure data communication, the key generation and exchange between nodes without the help of Certification Authority (CA) is applied. In this way, the key generation process is simplified, and the processing speed can be improved while improving the communication data. e secure routing performance can be improved by excluding the malicious node from participating in the network. Also, the traffic on the route is checked to detect anomaly node on the path. If the traffic on the route is higher than the average traffic in the cluster, it checks the DSN of the intermediate nodes existing between the source node and the destination node and detects an anomaly node that transmits a packet to a node using a wrong DSN or a node ID that does not exist. e improved performance of the trustbased model security routing technique proposed in this paper is confirmed by minimizing routing efficiency and the number of control packets through performance analysis experiments with SAODV based the proposed simulation parameters and performance metrics. e composition of this paper is as follows. In Section 2 we discuss the kind of routing attacks and secure routing techniques existing in MANET. In Section 3, we describe the trust-based model secure routing techniques proposed in this paper. In Section 4, we verify the performance of the proposed technique through experiments and finally conclude in Section 5.

Routing Protocols.
e routing protocol in MANET can be classified into table-driven routing protocols using the Bellman-Ford algorithm and hybrid method that combines the advantage of table-driven routing protocol and on-demand routing protocol [8][9][10]. e table-driven routing protocol is a method to maintain the latest network information by storing the entire path for all nodes in each entry of the table and broadcasting routing information periodically or when the network topology changes. When there is a connection request due to traffic occurrence, it has a benefit that connection setup is fast because of having the path information. But, it has a problem that the broadcasting overhead of the control message for path management is large and resources are consumed for discovering a path that is not used for frequent phase changes. erefore, it is studying to minimize the number of control messages. e routing protocols of this type include Destination Sequenced Distance Vector (DSDV), Wireless Routing Protocol (WRP), and Source-Tree Adaptive Routing (STAR) [11][12][13].
is routing method can be divided into two different methods according to the method of transferring data. First, the source routing method is that a transmitting node calculates routing information for transmitting data and the data including the routing information in the header is transmitted to the destination. Link Quality Source Routing (LQSR) is a typical protocol. e intermediate node only refers to the information of the header and delivers to the next node. But the payload of the frame is reduced. Second, the hop-by-hop routing method is that all nodes have all information of the next hop for delivering to the destination. e immediate node delivers frame to the next hop of its routing information by referring to the destination information of the header.
ere is less overhead because it is a simple method. However, loops can occur in the step of setting routing metrics, so a method to avoid this is necessary. Table 1 shows the main characteristics of the two routing techniques. e on-demand routing protocol does not always maintain the full path for all mobile nodes, but the path gain procedure is performed when data transmission is required.
is means that a routing table to a destination node is generated after performing a path search process only when data transmission is required. erefore, there is a disadvantage that the delay time for path discovery is increased. But there is an advantage that the accurate path can be set because the mobility of the mobile node can be reflected immediately when the path is set. In addition, if the path to the destination node cannot be searched, problems such as a broadcast storm can be caused because a message requesting the path continuously is generated until the path is searched.
us, on-demand routing protocol focuses on minimizing the optimal path search and delay time of the path search. ese routing protocols include Dynamic Source Routing (DSR), Ad Hoc On-Demand Distance Vector (AODV), and Dynamical MANET On-Demand Routing (DYMO) [14][15][16].
Hybrid routing protocol is a method of mixing proactive and reactive methods.
is performs mixed routing that proactive method is used for nodes in the environment where there is little change in topology due to small movement of nodes and the reactive method is used where the nodes are frequently moved. is can perform efficient routing since this uses a mixture of advantages of the existing methods. But it is not easy to implement and has a complicated operation. Table 2 shows the characteristics of MANET routing techniques.

Mobile Information Systems
Energy-Aware AODV (EAODV) utilizes backup routing techniques based on AODV. Since this technique sets a path in consideration of the remaining energy of a node, it can reduce link errors due to energy exhaustion and the network can be maintained for a long time. Also, if the energy level of nodes becomes less than the threshold by setting the threshold energy level of nodes, the data loss and transmission delay that occur in case of path change and path resetting can be reduced by transmitting error packets to the source node [17].
PS-AODV is a technique for determining routing based on a load situation between nodes. e node first checks the current load before forwarding the RREQ packet for route discovery to neighbor nodes. e RREQ packet is discarded if the node load is very high. Subsequently, if the load of the node decreases, the next RREQ packet is forwarded again. In this way, the routing considered this will be done because the higher the load of the node is, the more energy is consumed [18].

Routing Attacks.
MANET is vulnerable to various routing attacks because it has an easy structure to attack such as packet eavesdropping or tapping by nature of the wireless environment and routing and data transmission are performed in a hop-by-hop manner by mobile nodes. Routing attacks can be divided into passive attacks which can cause a lot of damage through the eavesdropping or tapping of packets, and active attacks which prevent routing or make packet transmission impossible by inserting, discarding, or modifying incorrect information in the routing process [19][20][21][22]. e typical attack among these routing attacks includes the black hole attack, wormhole attack, Jellyfish attack, and Sybil attack. e black hole attack is an attack in which an attack node changes route by sending incorrect routing information to the source node. In other words, it is an attack which intercepts all packets to be transmitted to the destination node by analyzing RREQ packet for route discovery and transmitting RREQ as if the shortest route to the destination node is itself to the source node [23][24][25]. e wormhole attack has two ways. One is to eavesdrop on data packets that two attack nodes trick as if the neighbor nodes are close to each other and the route formed by the two nodes is optimal. e other is to deplete the energy of the attack node by including target nodes in many routes [26,27].
e Jellyfish attack is an attack that interrupts data transmission by delaying transmission of data packet or discarding after the attack node normally transmits the RREQ or RREP packet for route discovery and the route through itself is set [28,29]. e Sybil attack is an attack in which the attack node generates multiple IDs and makes other nodes be recognized as multiple identifiers. It is very threatening to the routing method using geographic information.
Jamming attack is a type of denial of service attack that is detrimental to the reliability of wireless communication.
is attack interferes with communication between nodes and causes data transmission failure by transmitting any meaningless signal to the corresponding wireless channel.
is leads to continuous attempts of message retransmission by nodes to recover the failed path and consumes a lot of energy on each node. As a result, in a wireless sensor network composed of sensor nodes with limited power, it is an important issue to apply a routing technique in which energy efficiently and effectively considers the defence against Jamming attacks [30].

Secure Routing
Method. Secure Ad Hoc On-Demand Vector (SAODV) as a typical routing technique in MANET uses digital signatures for RREQ and RREP authentication and authenticates hops using hash chains [31]. First, a maximum number of hops are set and a one-way hash function with one greater than the number of hops is created. en, the RREQ transformed by the hash function is All nodes have all information of the hop to the destination e immediate node delivers frame to the next hop of its routing information Less overhead in a simple way e nodes receiving the RREQ authenticate the RREQ packet and the RREQ is created and transmitted in the same way if it is correct. In this way, a secure route is set through a signature check on RREQ and RREP.
Secure Energy-Efficient Routing (SEER) authenticates data using a one-way hash chain and uses a shared secret key between the mobile node and the base station to improve confidentially [32]. is technique creates a tree based on the base station and initializes the one-way hash chain. And, then, if the mobile node detects an event through its neighbor node, the data can be transmitted to the base station through the selected immediate node. Each node uses the only one-way hash chain that it manages in order to transmit securely data to the base station.
Feedback based secure routing protocol (FBSR) is an energy efficiency-oriented routing protocol using evaluation functions [33]. is technique provides security by using a one-way hash function which is authentication of the MAC layer. e evaluation function uses a combination of energy level and distance, and the energy level is used by the threshold evaluation function. is technique provides two methods to prevent routing attacks. First, the feedback from the neighbor nodes is signed by one-way hash chain. e second is to utilize feedback to base station in order to distinguish attack nodes [34]. e Ariadne technique is a DSR-based secure routing technique and uses authentication using MAC and shared keys. e source node creates the MAC value using a shared secret key in order to search route to the destination node and includes it in the RREQ. When the destination node receiving it authenticates the RREQ packet and transmits the RREP message, it is authenticated by the source node. rough this process, the source node can be set a secure route with the destination node [35][36][37].

Trust-Based Routing Protocol.
In MANET, secure routing protocol has been studied for various ways that utilize key management, encryption, or continuous monitoring of neighbor. However, most of these methods have the disadvantage that these are too costly for secure routing and are not suitable for the proposed MANET. erefore, the structures of various trust-based security routing are discussed. Trust-based AODV routing protocol is a technique of isolating malicious nodes and is applied to the public key [38].
is has a disadvantage that route path discovery is delayed a lot because this does not allow intermediate nodes on the path to transmit RREP packets. e trust-embedded AODV (T-AODV) technique is an extension of the trust-based AODV technique in which the reliability is calculated by distributing and updated [39]. is is performed only when malicious nodes send erroneous information. Each node consumes more memory because it scans and maintains the table periodically. is technique assumes that all nodes have the same frequency range. It is proposed that intermedia node plays a role as a trust gateway maintaining the trust level in order to avoid malicious nodes in [39]. Each node monitors its neighbor and maintains its reliability directly. e source node calculates the optimal path by using this trust information. e reliability calculation is based on forwarding behavior of nodes. e trusted gateway node should consume a lot of energy and be less mobile. In TAODV, reliability is determined by the opinion used in the subjective logic. Other nodes increase the opinion if a node behaves normally; otherwise, they decrease the opinion. e nodes authenticate each other by verifying the certificates of the nodes.
is protocol cannot detect internal attacks that malicious nodes can refuse packet forwarding. Trust-Based Minimum Cost Aware (TMCQA) proposes a technique for efficient data collection on the network. is technique uses machine learning to evaluate the trust of data reporter. And a selection strategy of an optimized data reporter based on three key evaluations is used [40]. Trust Detection-Based Secured Routing (TDSR) uses a sensor node to evaluate the trust of an intermediate node for a secure path between a source node and a destination node. TDSR technique has the advantage of not affecting the network life by using node selection and path discovery considering energy [41].

The Trust-Based Model Secure
Routing Technique e trust-based model secure routing technique proposed in this paper used the cluster structure for reliability evaluation, management, and security routing. e trust management node and the trust agent node are used for reliability evaluation and management of nodes. e trust management node is responsible for managing the reliability of the nodes in each cluster and providing the information. e trust agent node collects reliability of each neighbor node while supporting the trust management node.
e trust-based model security routing technique proposed in this paper consists of three modules: trust management module, security path module, and secure data communication module. First, the trust management module stores the reliability value of the nodes collected by the trust agent in each cluster and updates the neighbor trust management node and reliability information periodically. e reliability measurement on nodes is based on the traffic received from the neighbor nodes and checks whether the traffic is packet generated by the neighbor nodes or forwarded. And the average value of reliability for the nodes in the cluster is calculated periodically. Second, the secure path module performs a security routing based on measured reliability when the path is set from the source node to the destination node. For setting of security path between the source node and the destination node, the reliability of each node and the reliability average value of the cluster are reflected. And it detects anomaly nodes based on the traffic measurement on the set path. e third secure data communication module performs data communication after key exchange between the source node and the destination node for secure data communication. In particular, this key exchange can provide integrity and nonrepudiation as a technique for providing a security function of a routing protocol without CA assistance. It is possible to perform the more rapid authentication process and solve the certificate management problem because there is no certificate issuance process from the CA. Figure 1 shows the system structure of the trust-based model secure routing technique proposed in this paper.

Reliability Measurement and Security
Routing. In this paper, we use a hierarchical cluster structure for efficient trust evaluation and management of nodes. e node with the highest number of connections with nodes within each cluster is designated as the trust management node, and this node manages the reliability value of the nodes in each cluster. In addition, the Member Trust Table (MTT) storing the reliability is periodically updated while exchanging information with the trust management node of the adjacent cluster. In order to improve security when setting the route, the average value of the reliability is periodically calculated and used as a threshold value. e reliability measurement for nodes within each cluster is made on all nodes that act as trust agents. at is, the reliability measurement is calculated using the ratio of packets forwarded by each node. However, the reliability may not be measured accurately if only the delivery of the packets is used. is is because the rate of the packet transmission may increase due to various reasons such as traffic increase, the communication state of wireless network, and malicious attack.
erefore, the quality of packet forwarding is reflected to improve the accuracy of reliability measurement. In order to measure the reliability of a specific node, the contents of packets received from the neighbor node are analyzed. First, the IP header of the received packet is checked to determine whether the packet is a packet generated by a neighbor node or simply a forwarded packet. en, the reliability for each node is calculated by the following equation: Here, α and β mean the weight according to the time that node i and node j participate in the network. G i (p j ) means that node j delivers the generated packet to node i, F i (p j ) means that node j is packet delivered to node i packet received from the neighbor node. And G j (p i ) means that node i delivers to node j generated packet, F j (p i ) means that node i is the packet delivered to node j packet received from the neighbor node. is is a way to measure the selfish behavior of a node and the reliability is decreased if a packet received from a neighbor node does not deliver and only its own data is transmitted. e security path between the source node and the destination node is set based on the reliability for each node calculated by the abovementioned method. e reliability information for all nodes participating in the network is stored in the trust information table (TIT) in the trust management node. Figure 2 shows the structure of the trust information table.
As shown in Figure 2, the reliability of node A is stored neighbor node transmitted packet from node A, and the value is calculated by node H and node S. e reliability value measured by each neighbor node is recalculated by the following equation: In the trust management node of each cluster, the reliability average value of the cluster is calculated periodically after the reliability value for all nodes is measured, and this is calculated by equation (3). Ci means the number of clusters constituting the network and is an expression for calculating the average reliability of each cluster: e source node (S) broadcasts the RREQ message to establish the path to the destination node (D). e nodes that receive this message transmit the packet to the destination node and find the paths to the destination node through the response of RREQ. e source node deletes a node whose reliability is less than the average value of cluster reliability among the various paths to the destination node collected by the response. And then, the path with the highest reliability value is selected. Figure 3 shows an example of a reliability-based path setting. As shown in the figure, there are several paths from the source node (S) to the destination node (D). Among them, the node F, the node J, and the node L are excluded from the route setting because they are less than the reliability value of the cluster. erefore, the security path based on the reliability is that the path having a higher average value of all paths than the path length is selected.

Security Data Transmission Technique.
In the method mentioned in the previous section, the key exchange technique is applied for secure data transmission after the secure path is established between a source node and a destination node. is sets the path based on the reliability check of the nodes for secure path setup. And this is applied to enhance the security and integrity of data transmission because malicious nodes cannot be completely excluded through this process. Also, the rapid security function is provided through key exchange between nodes without CA's help for certificate issuance. Each node receives periodically its own reliability information from the trust management node. e information is signed using the public key shared between trust management nodes to prevent falsification from nodes.
is trust information is used as information to guarantee its identity for secure data transmission at the time of key exchange. e key exchange between nodes is performed as follows. First, the source node sends its public key and hash signature of the public key to nodes of the set secure path for secure data transmission. e destination node which received the packet transmits a response message including a public key and an Integrity Detection Code (IDC) of the public key. e source code generates a shared key and encrypts it to the public key of the destination node and   Mobile Information Systems transmits. And the source node encrypts data to be transmitted to the destination node and transmits. is technique improves the safety and integrity of data transmission. e process described above is shown in Figure 4. e source node requests its trust information from its trust management node as a preparation step for key generation with the destination node. e received trust information is transmitted to the destination together. e destination node which received it identifies the source node through the process of requesting the identity of the node to the trust management node.
Key_Req means a key agreement request, S_(pub_key) means a public key of a source node, and IDC(hash(-S_(pub_key))) means an integrity check code for its public key. Key_Rep means a key agreement response, S_(sec_key) means a secret key of the source node, and IDC(hash(S_(sec_key))) means an integrity check code of its secret key.

Anomaly Detection.
e performance of the routing protocol is reduced by malicious nodes in the network. In this section, the following process is performed in order to detect the anomaly nodes in the routing process. First, a suspicious node is detected in the secure path module through traffic checks on a node. Second, a malicious node is detected by a DSN check existing in a path table entry of the node. e traffic from the source node to the destination node will be measured for t hours. Here, t value uses the Round Trip Time (RTT) between the source node and the destination node, and the average value of the traffic is calculated by the following equation: Here, T 0 represents the timeout and p represents the pack loss rate. If the value measured by equation (4) is higher than the average traffic of the cluster, it is judged that a malicious node exists in the path. And, it checks the DSN of the packets transmitted by nodes existing in the path and detects a wrong DSN. e false DSN check is an important factor for detecting anomaly node because it relies on the DSN to grantee loop-free to the destination node. Routing information checks are performed in preparation for an attack that may occur in the data transmission step. In this process, it detects an anomaly node that responds to nonexistent node ID or transmits a packet using an invalid DSN. e information of the detected node is transmitted to the trust management node, the reliability value is set to 0, and the routing participation of the node is excluded. Figure 5 shows the anomaly detection process described above.

Simulation Parameters.
In this section, we evaluate the main performance of the trust-based model secure routing technique proposed in this paper. e simulations are conducted in NS2. e experimental environment for simulation is as follows: e mobile node used in the experiments is a random waypoint model that changes the location freely while moving the network. In our simulation, the mobile speed is varied 5, 10, 15, and 20 m/s and the battery consumption of the nodes was not considered. e total experiment time was 300 s, and, during the experiment, Hello flooding attack, Jellyfish attack, and Jamming attack occurred 5 times. e type of Jamming attack used in this experiment used deceptive Jamming operating on the network layer. Table 3 shows the experimental variables used for the experiment.

Performance Metrics.
We experimented in two ways in order to evaluate the performance of the proposed technique in this paper. e first experiment evaluated security routing performance according to the presence or absence of an attack with SAODV and the second experiment evaluated routing performance according to the network structure with EAODV. e performance evaluation criterion is set as a packet delivery ratio, end-to-end delay time, the number of control packets, network throughput, routing overhead, and average path length.
Packet delivery ratio: it is the ratio of the number of packets received successfully and the total number of packets transmitted End-to-end delay time: the end-to-end delay is averaged over all surviving data packets from the sources to the destinations Control packet: the number of the total packets, such as RREQ, RREP, and RERR, transmitted for data transfer between the source node and the destination node Network throughput: this is a data packet transmitted between a source node and a destination node for a certain period of time Routing overhead: the total number of routing packets for route discovery and route maintenance Average path length: the average number of hops between the source node and the destination node where data is transmitted Figure 6 shows the measurement results of the packet delivery ratio, which is the main performance evaluation criterion of the routing protocol. As shown in the figure, we confirmed that the performance difference between the two techniques was not large when the attack did not exist, but the difference was large when the attack did exist. e SAODV technique showed a low performance in Hello flooding attack.

Results and Analysis
is technique sets the path after performing authentication of RREQ and RREP for path discovery, and special secure technique is not applied when the data is transmitted. erefore, we confirmed that the performance was greatly degraded with the Hello flooding attack taking a normal action until the path setting. However, the proposed technique showed excellent performance in the Hello flooding attack because data transmission takes Mobile Information Systems place after performing the key exchange process with the source node and the destination node even after setting the path. Figure 7 shows the result of measuring the packet transmission ratio according to the presence of a Jellyfish attack. As the results show, the performance of the SAODV was not good when the Jellyfish attack occurred. e SAODV technique performs authentication for RREQ and RREP for path discovery and sets the path. e special security technique is not applied when data is transmitted. It is confirmed that the performance is degraded greatly for the Jellyfish attack performing a normal action until the path is set. However, the proposed technique showed the result of the excellent performance for the Jellyfish attack because it performs key exchange process between the source node and the destination node and data is transmitted even after routing. Figure 8 shows the result of confirming the effect of packet delivery between the source node and the destination node due to the Jamming attack. As the results show, the performance of SADODV was not good in the event of the Jellyfish attack. In the detection of inserted abnormal packets, the performance of packet delivery was degraded because discovery was made after data transmission was completed. On the other hand, the proposed technique can get good results even for Jamming attack due to blocking packet reception from malicious attack node through the process of the key exchange between nodes before data transmission. Figure 9 shows the measurement result of transmission delay time between the source node and the destination node by Hello flooding attack, Jellyfish attack, and Jamming attack. e SAODV technique uses TTL values and digital signatures of RREQ and RREP for secure routing. e delay  Desitination node Immediate node Source node <Key _Req , S_(p ub key), IDC (hash (s_(p ub key)) )> <Key _Req , I_(pu b key), IDC (hash (I_(p ub key)) )> <Key _Req , S_(Se cure key), IDC (hash (s_(se c key)) )> <Key _Req , I_ (Secu re key),I DC (hash (I_ (sec key)) )> <K ey_ Rep , ID C (ha sh( I_( sec key )))> <Key_ Rep,,I DC (hash (I_ (pub key))) > <K ey_ Rep , IDC (ha sh (I_ (se c key )))> Key exchange steps to set up secure path Figure 4: Internodes key exchange process for secure data communication.
time exists due to this authentication process, and it is longer when an attack occurs. In particular, it is also the cause of low-security performance for attacks after setting the path. We confirmed that the proposed technique was not significantly affected by the attack, but the end-to-end latency appeared rather long because data is transmitted after the path setting based on the reliability of the nodes and key exchange process between the source node and the destination node. e number of control packets can influence the overall performance of the network. Figure 10 shows the measurement result of the number of control packets generated in each technique during the experiment time. e SAODV technique showed the authentication process for secure path set, and the number of control packets increases. Also, the more nodes moved, the more the amount increased. e proposed technique showed stable performance with little change in the number of control packets even in the event of an attack although it does not go through the authentication server and the control packet is rather high by key exchange between nodes for secure data transmission. Figure 11 shows the result of the network throughput depending on the existence of Jellyfish attack. e network throughput is an important indicator which can confirm the performance of the routing protocol as the amount of data transmitted from the source node to the destination node during the unit time. SAODV showed a large difference depending on the existence of Jellyfish attack because the security technique is not applied during data transmission. But the proposed technique applies the average reliability of the cluster and the reliability of the nodes existing in the path during the path setting and goes through an anomaly detection process based on the traffic. erefore, the technique is not influenced by the presence of Jellyfish and shows superior performance compared to SAODV. Figure 12 shows the measurement result of the average path length between the source node and the destination node according to the movement time of nodes and the attack. e average path length becomes longer as the movement speed of nodes is faster. e proposed technique shows the long path length because it sets the path with higher reliability than the path length. It shows that the path length depending on the attack is also long and the proposed technique is less influenced by the attack due to secure data communication through key exchange and traffic-based malicious node detection process. e routing overhead describes the number of routing packets for route discovery and route maintenance needed to be sent in order to propagate the CBR packets. Figure 13 shows the comparison result of routing overhead between SAODV and the proposed technique. As the number of malicious nodes increases, routing overhead also increases. SAODV is not significantly affected by attacks because it authenticates control packets in the route discovery step. Routing overhead is increased greatly as it is vulnerable to

10
Mobile Information Systems attacks in the data transmission process.
e proposed technique is that data is transmitted through a key exchange process even after setting a secure route between the source node and the destination node. erefore, routing overhead by attacks does not increase significantly although the key exchange occurs. Figure 14 shows the experimental results for EAODV and the packet transmission rate when the number of nodes is 50 and 100 to evaluate the routing performance. e proposed technique selects the shortest path that does not consider residual energy of the node through the path discovery process based on the cluster. Also, the cluster head manages the information of the nodes in the cluster and routes are set based on this. So, more efficient routes are set, but EAODV selects the node with the high energy level, long path life, and fewer hops. EAODV showed good results when the movement of nodes was less but it showed the lower the result by reflecting the energy threshold calculation as the movement speed of the nodes is faster.
In Figure 15, the throughput which is an important metric shows the result depending on the number of nodes and the moving speed. We can see that the network throughput gradually decreases as the moving speed of the node increases.
is means that as link failures by the movement of the nodes increase and the demand for new routing increases, the consumption of bandwidth increases. As the result shows, the proposed technique that the node is managed by the cluster head shows better performance than EAODV.   e comparison between the number of routing packets and the node speed is shown in Figure 16. As the nodes move faster, the number of routing packets both protocols increases. However, it shows that the routing packet of the proposed technique has fewer routing choices compared to EAODV. erefore, the number of routing packets for route discovery and maintenance can be reduced.

Conclusions
e routing protocol plays a very important role in determining the overall network performance because MANET consists of mobile nodes with limited resources. Dynamic topology by the movement of nodes and path setting by hop-by-hop provide a threatening cause to many security threats. An internal attack by malicious nodes, especially, is more damaging. It is necessary to provide a technique to eliminate the participation of malicious nodes in routing and data transmission through proper trust evaluation of nodes. For this, the cluster structure was used to measure the reliability of nodes participating in the network in this paper. In order to improve the accuracy of reliability, the quality of the packet as well as the number of packets transmitted between the nodes was included. at is to reflect in the reliability calculation by determining whether a packet received from a neighbor node is generated. e reliability information and management of the nodes in each cluster were done by the trust management node. e trust management node calculated the reliability average value of the cluster and transmits the information to the neighbor trust management node every time the reliability value for each node was updated. In this way, even if the nodes move, the trust information of each node can be known. Also, the trust information of each cluster node is digitally signed and transmitted. e path setting was made by combining the reliability of the measured nodes and the reliability average value of each cluster. Among the various paths existing between the source node and the destination node, a node having a value smaller than the reliability average value of the cluster was excluded from the path setting. e path with the highest reliability among the remaining nodes was selected. If the path had been set, the data was transmitted after the key exchange process between the source node and the destination node. e key exchange between nodes was performed without the CA and the trust information received from the trust management node was used to guarantee the identity of the node. We also measured the traffic on the path between the source node and the destination node in order to detect anomaly nodes. If the traffic occurring from a specific path was higher than the average traffic in the cluster, the nodes in the path checked the DSN of the transmitted packet, the node transmitted the wrong DSN was recognized, and network participation was excluded. In order to evaluate the performance of the proposed technique, the experiment was performed as compared with SAODV technique for packet delivery ratio, end-to-end delay time, the number of control packets, network throughput, and average path length. In addition, to evaluate the routing performance, the experiments are performed on packet transmission rate, throughput, and routing packet performance criteria with EAODV. rough the experiment, it was confirmed that the management of the nodes and route discovery using a cluster-based network structure is more effective as the  moving speed of the nodes increases. As can be seen from the experiment, the better performance of the proposed technique compared to SADOV is confirmed in the presence of the attack. is shows the superiority of the trust evaluation and the security path setting for the proposed nodes. In the future, research on the energyaware trust model will be conducted to improve the efficiency of the secure routing protocol.
Data Availability e simulated evaluation data used to support the findings of this study are included within the article.

Conflicts of Interest
e authors declare that they have no conflicts of interest.