A comparative study of black hole attack in manet 2


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

A comparative study of black hole attack in manet 2

  1. 1. International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN INTERNATIONAL JOURNAL OF ELECTRONICS AND 0976 – 6464(Print), ISSN 0976 – 6472(Online) Volume 4, Issue 2, March – April (2013), © IAEMECOMMUNICATION ENGINEERING & TECHNOLOGY (IJECET)ISSN 0976 – 6464(Print)ISSN 0976 – 6472(Online)Volume 4, Issue 2, March – April, 2013, pp. 93-102 IJECET© IAEME: www.iaeme.com/ijecet.aspJournal Impact Factor (2013): 5.8896 (Calculated by GISI) ©IAEMEwww.jifactor.com A COMPARATIVE STUDY OF BLACK HOLE ATTACK IN MANET Neha Kaushik Student PDM College of Engineering for Women, B’Garh Ajay Dureja Assistant Professor PDM College of Engineering for Women, B’Garh ABSTRACT A mobile ad-hoc network is an infrastructure less network which consists of a number of mobile nodes that dynamically form a temporary network for the transmission of data from source to destination. Most of the routing protocols rely on the cooperation among the nodes for secure transmission due to lack of centralized administration. Thus the security of MANET is an important concern for all the times. There is no general algorithm for security of principle routing protocols like AODV against commonly known attacks like black hole attack, wormhole attack, rushing attack, etc. In this paper, we survey the different network layer attacks of MANET and compare the existing solutions to combat the single or cooperative black hole attack. Keywords: MANET, Black Hole Attack, Worm Hole Attack, Rushing Attack. 1. INTRODUCTION A mobile ad-hoc network is categorized under infrastructure less network where a number of mobile nodes communicate with each other without any fixed infrastructure between them. Furthermore, all the transmission links are established through wireless medium [1]. The functioning of MANET depends upon the trust and cooperation between the nodes. Each node can individually act as a router or a host for transmitting data packets to other nodes which are not in the range of direct transmission. 93
  2. 2. International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN0976 – 6464(Print), ISSN 0976 – 6472(Online) Volume 4, Issue 2, March – April (2013), © IAEME MANET is one of the recent active fields and has received marvelous attentionbecause of its self-configuration and self-maintenance capabilities [2]. MANET is widelyused in military purpose, disaster area, personal area network, etc. Ad hoc network offergreat flexibility, higher throughput, lower operating cost and better coverage because ofcollection of independent nodes [3]. The designing of routing protocols for Ad hoc network is a challenging task andsecure ones are even more so. So far, researchers in ad- hoc networking have generallystudied the routing problem in a non-adversarial network setting, assuming a trustedenvironment relatively little research has been done in a more realistic setting in which anadversary may attempt to disrupt the communication [4]. The routing protocols are divided into two main types-Proactive protocols andReactive protocols. The proactive protocols are Table-Driven protocols in which each nodemaintains an up-to-date routing information about every other node in a routing table androutes are quickly established without any delay [3]. The reactive protocols, on the otherhand, are the on-demand protocols in which the nodes establish the route whenever desired.In this paper, we discuss three main attacks at network layer of MANET namely Black holeattack, Rushing attack and Wormhole attack and compare the existing solutions for theprevention and detection of Black Hole attack.2. ROUTING PROTOCOLS The routing protocols of MANET are broadly divided into two categories-Proactive (Table-Driven) routing protocols and Reactive (On-Demand) routing protocols.A third category is a combination of above two routing protocols namely Hybrid routingprotocols.2.1 Proactive Routing Protocols In proactive or table-driven routing protocols, the mobile nodes periodicallybroadcast their routing information to the neighbors. Each node needs to maintain itsrouting table which not only records the adjacent nodes and reachable nodes but also thenumber of hops. In other words, all the nodes have to evaluate their neighborhood as longas the network topology has changed [1]. The examples of proactive protocols are DSDV,OSPF, OLSR, etc.2.2 Reactive Routing Protocols In case of reactive or on-demand routing protocols, the mobile nodes set up aroute when they desire to transmit the data packets. The reactive routing protocolsovercome the problem of increased overhead as in case of proactive protocols [3]. AODVand DSR are two main types of reactive routing protocols.2.3 Hybrid Routing Protocols These types of protocols are the combination of proactive and reactive protocolsto overcome the defects of both the protocols. Most of hybrid routing protocols aredesigned as a hierarchical or layered network framework [1]. ZRP and TORA come underthe hybrid routing protocols. 94
  3. 3. International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN0976 – 6464(Print), ISSN 0976 – 6472(Online) Volume 4, Issue 2, March – April (2013), © IAEME3. TYPES OF ATTACKS Mobile Ad hoc Networks are vulnerable to various types of attacks not fromoutside the network but also within the network itself [5]. There are two major types ofattacks in MANET- internal attacks and external attacks.3.1 Internal AttacksThese types of attacks have a direct impact on the nodes working in a network. Internalattacks may broadcast wrong type of information to other nodes. These types of attacks aremore difficult to be handled as compared to external attacks as internal attacks are initiatedby the authorized nodes in the networks, and might come from both compromised andmisbehaving nodes [5]. Internal nodes are identified as compromised nodes if the externalattackers hijacked the authorized internal nodes and are then using them to launch attacksagainst the ad hoc networks. On the other hand, nodes will be classified as misbehaving ifthey are authorized to access the system resources, but fail to use these resources in a waythey should be [6].3.2 External Attacks External attacks are attacks launched by adversaries who are not initiallyauthorized to participate in the network operations. These attacks usually aim to causenetwork congestion, denying access to specific network function or to disrupt the wholenetwork operations. Bogus packets injection, denial of service, and impersonation are someof the attacks that are usually initiated by the external attackers [6]. External attacksprevent the network from normal communication and producing additional overhead to thenetwork [5]. External attacks can be further classified into two types- Active attacks andPassive attacks.3.2.1 Active Attacks Active attacks are severe attacks on the network that prevent message flowbetween the nodes. Active attacks actively alter the data with the intention to obstruct theoperation of the targeted networks [6]. Active attacks may be internal or external. Activeexternal attacks can be carried out by outside sources that do not belong to the network.Internal attacks are from malicious nodes which are part of the network, internal attacks aremore severe and hard to detect than external attacks [5].3.2.2 Passive Attacks These are the susceptible attacks of MANET. A passive attack does not alter thedata transmitted within the network. But it includes the unauthorized “listening” to thenetwork traffic or accumulates data from it. Passive attacker does not disrupt the operationof a routing protocol but attempts to discover the important information from routed traffic.Detection of such type of attacks is difficult since the operation of network itself doesn’tget affected. In order to overcome this type of attacks powerful encryption algorithms areused to encrypt the data being transmitted [5]. 95
  4. 4. International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN0976 – 6464(Print), ISSN 0976 – 6472(Online) Volume 4, Issue 2, March – April (2013), © IAEME4. NETWORK LAYER ATTACKS IN MANETThe security of the ad hoc networks greatly depends on the secure routing protocol,transmission technology and communication mechanisms used by the participating nodes[2]. The network layer protocols enable the MANET nodes to be connected with anotherthrough hop-by-hop. Every individual node takes route decision to forward the packet, so itis very easy for malicious node to attack on such network [5]. Thus, security in networklayer plays an important role in the security of the whole network.A number of attacks on network layer have been identified and studied during research.Our primary concern is on three main types of attacks on network layer security namelyWormhole Attack, Rushing Attack and Black Hole Attack.4.1 Wormhole Attack In wormhole attack, malicious node receives data packet at one point in thenetwork and tunnels them to another malicious node. The tunnel existing between twomalicious nodes is referred to as a wormhole. Wormhole attacks pose severe threats torouting protocols. Attackers use wormholes in the network to make their nodes appearmore attractive so that more data is routed through their nodes. When the wormhole attacksare used by attacker in routing protocol such as DSR and AODV, the attack could preventthe discovery of any other route other than wormhole [5].Thus a clear defense mechanism must be introduced in the routing protocols to discovervalid routes from source to destination.For example in figure 1, the nodes 1 and 2 are the malicious nodes which form a wormholelink or tunnel in the network when the source node ‘S’ broadcasts RREQ packet to find asuitable route to destination ‘D.’ B D S C 2 A 1 Wireless link Wormhole link RREQ RREP Wormhole RREQ Fig. 1: WORMHOLE ATTACK 96
  5. 5. International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN0976 – 6464(Print), ISSN 0976 – 6472(Online) Volume 4, Issue 2, March – April (2013), © IAEME4.2 Rushing Attack These attacks are mainly on the reactive routing protocols. These attacks subvertthe route discovery process. When compromised node receives a route request packet fromthe source node, it floods the packet quickly throughout the network before other nodes,who also receives the same route request packet can react to original request [5]. Rushingattack is a modified form of black hole attack in which a node turns malicious after gainingthe trust of other nodes; hence prevents itself from being detected easily [7]. The examplefor rushing attack is shown in figure 2. Here the malicious node ‘C’ represents the rushingattack node, where ‘S’ and ‘D’ refers to source and destination nodes. The rushing attack ofcompromised node ‘C’ quickly broadcasts the route request messages to ensure that theRREQ message from it reaches earlier than those from other nodes. This result in whenneighboring node of ‘D’ i.e. ‘B’ and ‘E’ when receive the actual route request from source,they simply discard the request. So in the presence of such attacks ‘S’ fails to discover anysuitable route or safe route without the involvement of external attacker [5]. B A S C D F E RREQ Wireless link Rushed RREQ Fig. 2: RUSHING ATTACK4.3 Black Hole Attack A black hole attack is an active denial of service attack in which a maliciousnode can attract all packets by falsely claiming a fresh route to the destination and thenabsorb them without forwarding them to the destination [8]. A black hole can work as asingle node as well as in a group. Since a black hole node does not have to check its routingtable, it is the first to respond to the RREQ in most cases [3]. Figure 3 below shows ablack hole node ‘X’ which gives a false RREP to the source of having a fresh route to thedestination. The source, then, routes all the data towards the black hole node and the nodeabsorbs all the data in it. Thus, the data packets get lost and never reach the destination. 97
  6. 6. International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN0976 – 6464(Print), ISSN 0976 – 6472(Online) Volume 4, Issue 2, March – April (2013), © IAEME X D S C A B RREQ RREP False RREP Fig. 3: BLACK HOLE ATTACKBlack hole attack is an active attack in case of AODV protocol. Since, AODV has nosecurity mechanisms, a malicious node can perform many attacks just by behavingaccording to AODV rules [9].5. RELATED WORKS A lot of research has been done to combat the black hole attack in MANET.Given below are different solutions for detecting and preventing the black hole attack. Thecomparison of these schemes is shown in table 2.5.1 Detecting Black-hole Attack in Mobile Ad hoc Network Bo Sun et al. used AODV as their routing protocol. To defend against black holeattack they devised a neighborhood based method to detect whether there exists any blackhole attack and a routing recovery protocol to set up a correct path. In this scheme, not onlya lower detection time and higher throughput are acquired, but the accurate detectionprobability is also achieved [10]. No. of Simulation Throughput False Nodes Time Positive Probability 30 to 50 800 sec Increases by Less than 15% 1.7%5.2 Prevention of Cooperative Black Hole Attack in Wireless Ad hoc Networks Sanjay Ramaswamy et al. used data routing information (DRI) table and crosschecking method to identify the cooperative black hole nodes and utilized modified AODVrouting protocol to achieve this methodology. The experiment result shows that thissolution performs better than other solutions [11]. 98
  7. 7. International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN0976 – 6464(Print), ISSN 0976 – 6472(Online) Volume 4, Issue 2, March – April (2013), © IAEME Node# Data Routing Information From Through Table1: Data Routing Table5.3 Black Hole Attack in Mobile Ad hoc Networks Mohammad Al-Shurman et al. provided two possible solutions to prevent black holeattacks in MANET. The computer simulation shows that the second solution can verify 75% to98% of the route to the destination as compared to original AODV routing protocol [12]. No. of Simulation Routes Nodes Time Verified Solution 1 50 900 sec 60% Solution 2 50 900 sec 75%5.4 Detecting Black Hole Attack on AODV Based MANET by Dynamic Learning Method S. Kurosawa et al. proposed a detection scheme using dynamic training method inwhich needs to be updated at regular time intervals. The simulation results shows theeffectiveness of the scheme compared with the conventional scheme [13]. No. of Simulation Average Average Nodes Time Detection False Rate Positive Rate 30 10000 sec Increases by Decreases 8% by 6%5.5 Prevention of Cooperative Black Hole Attack in MANET L. Tamilselvan et al. proposed a solution based on enhancement of the originalAODV routing protocol. The concept used is setting the timer in the TimerExpiredTable forcollecting the RREP packet from other nodes after receiving the first reply. It will store thepacket’s sequence number and the receiving time pf the packet in a Collect Route Reply Table(CRRT), looking for the timeout value based on the arrival time of the first RREP, judging theroute belong to valid or not based on the above threshold value. The simulations were takenusing global mobile simulator (GloMoSim) which shows that packet delivery ratio is increasedwith minimal delay and overhead. The end-to-end delay might be raised when the suspiciousnode is far from the source node [9]. No. of Simulation Packet End-to-End Nodes Time Delivery Delay Ratio 25 300 sec Increases by Slight 90% increase 99
  8. 8. International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN0976 – 6464(Print), ISSN 0976 – 6472(Online) Volume 4, Issue 2, March – April (2013), © IAEME5.6 Improving AODV Protocol against Black Hole Attacks [14] Nital Mistry et al. proposed modifications to the AODV protocol and justify thesolution with appropriate implementation. The analysis shows significant improvement inPacket Delivery Ratio (PDR) of AODV in presence of black hole attacks with marginal risein average end to end delay [14]. No. of Simulation Packet End-to-End Nodes Time Delivery Delay Ratio 25 300 sec Increases by Slight 90% increase5.7 Two Tier Secure AODV against Black Hole Attacks in MANETs M. Umaparvathi et al. proposed a secure routing protocol TTSAODV which isan extension of AODV that can be used to protect the route discovery mechanism againstblack hole node. The simulation results show the better performance of the protocol thanconventional protocol in terms of PDR and throughput [15]. No. of Simulation Packet Throughput Nodes Time Delivery Ratio 50 500 sec increases Better avg. throughput5.8 Proposing a Method to Detect Black Hole Attacks in AODV Protocol M. Medadian et al. proposed a method to combat cooperative black hole attackby waiting and checking the replies from all the neighboring nodes to find a safe route. Thesimulation results show that the proposed protocol provides better security andperformance in terms of PDR [16]. No. of Simulation Packet End-to-End Nodes Time Delivery Delay Ratio 30 to 50 _ increases decreases5.9 Prevention of Black Hole Attack in MANET Pooja Jaiswal et al. proposed a solution to prevent the black hole attack with thehelp of destination sequence number sent by the replying node. If there is a large differencebetween the sequence number of source node and intermediate node then that node ismalicious. The simulation results show better performance in terms of PDR and end to enddelay [3]. No. of Simulation Packet End-to-End Nodes Time Delivery Delay Ratio 30 to 70 1000 sec increases decreases 100
  9. 9. International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN 0976 – 6464(Print), ISSN 0976 – 6472(Online) Volume 4, Issue 2, March – April (2013), © IAEME 6. SUMMARY Mobile ad hoc networks have gained attention due to its self- configuration capabilities. Due to various difficulties in designing of routing protocol, the security of MANET has always been an important concern. In this paper we have discussed Black Hole Attack which is an active attack in Table 2: COMPARISON OF VARIOUS BLACK HOLE ATTACK DETECTION SOLUTIONS Papers Routing Tool Used Detection Publication Results Defects Resource Protocol Type YearDetecting black hole AODV NS-2 Single 2003 The chances that Failed to detect 5th EuropeanAttack in MANET Detection a single attacker is attacker in co- conference in detected is 93% operation mobile communicationPrevention of co- AODV No Cooperative 2003 Secure routing Delay is InternationalOperative black hole simulation Detection against black hole increased conference onAttack in wireless attack wireless networkad-hoc networksBlack hole attack in AODV NS-2 Single 2004 Verify 75% to Attackers canMANETs Detection 98% of the routes listen to the ACMSE channel and update the tableDetecting black hole AODV NS-2 Single 2007 shows effectiveness __ InternationalOn AODV based Detection in detecting black journal ofMANET by dynamic hole attack Network SecurityLearning methodPrevention of co- AODV GloMoSim Cooperative 2007 increased packet Increased delay 2nd InternationalOperative black hole Detection delivery ratio and minimal conference onAttack in MANET overhead wireless broad- Band, Ultra Wideband communicationImproving AODV AODV NS-2 Single 2010 PDR is improved Rise in end to InternationalProtocol against Detection by approx. 80% end delay MulticonferenceBlack Hole attacks of Engineers & Comp. ScientistTwo Tier Secure AODV NS-2 Cooperative 2012 better performance Minimal EuropeanAODV against Detection in terms of PDR increase in cost, Journal ofBlack Hole Attack in and throughput overhead, delay ScientificMANET ResearchProposing a method AODV GloMoSim Cooperative 2012 Provides better Additional EuropeanTo detect black hole Detection security and PDR delay & Journal ofAttacks in AODV than conventional overhead Scientificprotocol AODV ResearchPrevention of Black AODV NS-2 Single 2012 Decreased PDR ___ InternationalHole Attack in Detection and end to end Journal ofMANET delay Comp. Networks & Wireless Comm. AODV protocol. The researchers have proposed many detection and prevention techniques for black hole attack whether single or cooperative. Thus, the state-of-art of these existing solutions are discussed and compared based on various parameters like PDR, throughput, end-to-end delay, routing overhead, etc. the problem for black hole attack is still an active field of research and researchers are working to combat this attack. 101
  10. 10. International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN0976 – 6464(Print), ISSN 0976 – 6472(Online) Volume 4, Issue 2, March – April (2013), © IAEME7. REFERENCES[1] F.H. Tseng, Li-Der Chou, H.C. Chou, Human-centric Computing and Information Sciences2011, “A survey of Black Hole Attacks in wireless mobile ad-hoc networks”.[2] Ujjwal Agarwal, K.P Yadav, Upendra Tiwari, International Journal of Research in Scienceand Technology, 2012, vol. no. 1, issue no. IV, Jan-Mar, “Security Threats in Mobile Ad hocNetworks”.[3] Pooja Jaiswal, Rakesh Kumar, International Journal of Computer Networks and WirelessCommunications (IJCNWC), ISSN: 2250-3501Vol.2, No5, October 2012, “Prevention ofBlack Hole Attack in MANET”.[4] Yih-Chun, Adrian Perrig, David B. Johnson, “Ariadne: A secure On-Demand RoutingProtocol for Ad Hoc Networks”,sparrow.ece.cmu.edu/~adrian/projects/securerouting/ariadne.pdf, 2002.[5] Gagandeep, Aashima, Pawan Kumar, International Journal of Engineering and AdvancedTechnology (IJEAT) ISSN: 2249 – 8958, Volume-1, Issue-5, June 2012, “Analysis of DifferentSecurity Attacks in MANETs on Protocol Stack A-Review”.[6] S. A. Razak, S. M. Furnell, P. J. Brooke, “Attacks against Mobile Ad Hoc NetworksRouting Protocols”.[7] Sweta Jain, Jyoti Singhai, Meenu Chawla, International journal of Ad hoc, Sensor &Ubiquitous Computing Vol. 2, No. 3, 2011, “A Review Paper on Cooperative Blackhole andGrayhole Attacks in MANETs”.[8] S.K. Chamoli, S. Kumar, D.S. Rana, International Journal of Computer Technology &Applications, Vol. 3 (4), 2012, “Performance of AODV against Black Hole Attacks inMANETs”.[9] L. Tamilselvan, V. Sankaranarayanan: "Prevention of Black Hole Attack in MANET", the2nd international conference on wireless, Broadband and Ultra Wideband Communications(January 2007).[10] Sun B, Guan Y, Chen J, Pooch UW (2003) “Detecting Black-hole Attack in Mobile AdHoc Networks”, Paper presented at the 5th European Personal Mobile CommunicationsConference, Glasgow, U.K., 22-25 April 2003.[11] S. Ramaswamy, H. Fu, M. Sreekantaradhya, J. Dixon, and K. Nygard, “Prevention ofCooperative Black Hole Attack in Wireless Ad Hoc Networks”, 2003 International Conferenceon Wireless Networks (ICWN’03), Las Vegas, Nevada, USA.[12] M. AI-Shurrnan et al: "Black Hole Attack in Mobile Ad Hoc Network", ACMSE 04,(April 2004).[13] S. Kurosawa, H. Nakayama, and N. Kato, “Detecting black hole attack on AODV basedmobile ad-hoc networks by dynamic learning method, ”International Journal of NetworkSecurity”, pp. 338–346, 2007.[14] Mistry N, Jinwala DC, IAENG, Zaveri M (2010) “Improving AODV Protocol AgainstBlackhole Attacks”, Paper presented at the International MultiConference of Engineers andComputer Scientists, Hong Kong, 17-19 March, 2010.[15] M. Umaparvathi, D.K. Varughese, European Journal of Scientific Research, Vol. 72 No. 3(2012),”Two Tier Secure AODV against Black Hole Attack in MANETs”.[16] M. Medadian, K. Fardad, European Journal of Scientific Research, Vol. 69 No. 1 (2012),“Proposing a Method to Detect Black Hole Attacks in AODV Routing Protocol”.[17] M. Ahmed, S. Yousef and Sattar J Aboud, “Bidirectional Search Routing Protocol ForMobile Ad Hoc Networks” International journal of Computer Engineering & Technology(IJCET), Volume 4, Issue 1, 2013, pp. 229 - 243, ISSN Print: 0976 – 6367, ISSN Online: 0976– 6375. 102