Ankur Ratmele, Asst. Prof. Rajesh Dhakad / International Journal of Engineering Researchand Applications (IJERA) ISSN: 2248-9622 www.ijera.comVol. 3, Issue 3, May-Jun 2013, pp.201-205201 | P a g ePerformance Analysis of AODV under Worm Hole Attackthrough Use of NS2 SimulatorAnkur Ratmele*and Asst. Prof. Rajesh Dhakad***Research Scholar, Department of Computer Engineering, SGSITS, Indore (M.P), India.**Asst. Prof., Department of Computer Engineering, SGSITS, Indore (M.P), IndiaABSTRACT-Wireless networks are gainingpopularity to its peak from past, as the userswant wireless connectivity irrespective of theirgeographic position. There is an increasing threatof attacks on the Mobile Ad-hoc Networks(MANET). Any node in mobile ad hoc networksoperates not only as end terminal but both as anintermediate router and client. In this way,multi-hop communication occurs in MANETsand thus it is a difficult task to establish a securepath between source and destination. It generallyworks by broadcasting the information and usedair as medium. Its broadcasting nature andtransmission medium also help attacker, whoseintention is to spy or disrupt the network. Whentwo malicious nodes forward packet through aprivate “tunnel” in the network, in which onenode is nearer to the source and other node isnearer to the destination and packet travelledthrough this malicious nodes. This type ofactivity is known as wormhole attack. NS2 ischosen as a simulation environment because it isone of the leading environments for networkmodeling and simulation.Keywords- Mobile Ad hoc network,ns-2,Wormhole attack.INTRODUCTION-Mobile wireless ad hoc networks arefundamentally different from wired networks, asthey use wireless medium to communicate, do notrely on fixed infrastructure and can arrange theminto a network quickly and efficiently. In a MobileAd Hoc Network (MANET) , each node serves asa router for other nodes, which allows data to travel,utilizing multi-hop network paths, beyond the lineof sight without relying on wired infrastructure.Security in such networks, however, is a greatconcern .The open nature of the wireless mediummakes it easy forOutsiders to listen to network traffic orinterfere with it. Lack of centralized controlauthority makes Deployment of traditionalcentralized security mechanisms difficult, if notimpossible. Lack of clear network entry points alsomakes it difficult to implement perimeter-baseddefense mechanisms such as firewalls. Finally, in aMANET nodes might be battery-powered and mighthave very limited resources, this may make the useof heavy-weight security solutions undesirable.MANETs often suffer from security attacks becauseof its features like open medium, changing itstopology dynamically, lack of central monitoringand management, cooperative algorithms and noclear defense mechanism. These factors havechanged the battle field situation for the MANETsagainst the security threats .The MANETs work without a centralizedadministration where the nodes communicate witheach other on the basis of mutual trust. Thischaracteristic makes MANETs more vulnerable tobe exploited by an attacker inside the network.Wireless links also makes the MANETs moresusceptible to attacks, which make it easier for theattacker to go inside the network and get access tothe ongoing communication [3, 4]. Mobile nodespresent within the range of wireless link canoverhear and even participate in the network.Wormhole attack is a network layer attack. In a typical wormhole attack at least twocolluding node in the network are located atdifferent places that are not in direct communicationrange of each other i.e. one near to the source nodeand another near to the destination node thusbypassing information from source node todestination node and disrupting proper routing.In this paper, we concentrate on thethroughput analysis of an Ad-hoc networkconsisting of 16 nodes. We use Ad-hoc on demandRouting (AODV) protocol and carry out simulationsto evaluate the performance of wireless ad-hocnetwork.NS2 is selected to carry out thesimulation. Ns2 provide technologies, protocols,communication devices for academic research,assessment and improvement. It is efficient robustand highly reliable which grant the user the ease ofgraphical interface, developing and running thesimulation and validation of the results. NetworkSimulator (Version 2), widely known as ns-2, issimply a discrete event driven network simulationtool for studying the dynamic nature of
Ankur Ratmele, Asst. Prof. Rajesh Dhakad / International Journal of Engineering Researchand Applications (IJERA) ISSN: 2248-9622 www.ijera.comVol. 3, Issue 3, May-Jun 2013, pp.201-205202 | P a g ecommunication networks. It is an open sourcesolution implemented in C++ and Otcl programminglanguages. ns-2 provides a highly modular platformfor wired and wireless simulations supportingdifferent network element, protocol (e.g., routingalgorithms, TCP, UDP, and FTP), traffic, androuting types. In general, ns-2 provides users with away of specifying network protocols and simulatingtheir corresponding behaviors.In this we investigate the throughput ofwireless ad-hoc network simulation consideringAODV protocol. We compare the throughputsimulation results of AODV without wormholeattack and with the wormhole attack.II.Related WorkThe most commonly cited wormholeprevention mechanism is „packet leashes‟ by Hu etal , proposed to add secure „leash‟ containingtiming and/or Global Positioning System (GPS)information to each packet on a hop-by-hop basis.Based on the information contained in a packetleash, a node receiving the packet would be able todetermine whether the packet has traveled a distancelarger than physically possible.Hu proposed two different kinds of leashes:geographical leashes and temporal leashes.Geographic leashes require each node to have accessto up-to-date GPS information, and rely on loose (inthe order of ms) clock synchronization. Whengeographical leashes are used, a node sending apacket appends to it the time the packet is sent tsandits location ps. A receiving node uses its ownlocation prand the time it receives a packet trtodetermine the distance the packet could havetraveled. Keeping in mind maximum possible nodevelocity v, clock synchronization error Δ, andpossible GPS distance error Δ, the distance betweenthe sender and the receiver dsris upper-bounded by:dsr<||ps-pr||+2v(tr-ts+Δ)+Δ ……..(i)Geographical leashes should work finewhen GPS coordinates are practical and available.However, modern GPS technology has significantlimitations that should not be overlooked. While theprice of GPS devices is going down, it remainssubstantial.Finally, GPS systems are not versatile, asGPS devices do not function well inside buildings,under water, in the presence of strong magneticradiation, etc. As opposed to geographical leashes,temporal leashes require much tighter clocksynchronization (in the order of nanoseconds), butdo not rely on GPS information. When temporalleashes are used, the sending node specifies the timeit sends a packet tsin a packet leash, and thereceiving node uses its own packet reception time trfor verification. In a slightly different version oftemporal packet leashes, the sending node calculatesan expiration time teafter which a packet should notbe accepted, and puts that information in the leash.This is to prevent a packet from traveling fartherthan distance Lte=ts+L/C-Δ,….(ii)where, C is the speed of light and Δ is the maximumclock.One possible way to prevent wormholes, asused by Capkun et al , Hu et al , Hong etal , and Korkmaz et al, is to measure round-trip travel time of a message and itsacknowledgement, estimate the distance betweenthe nodes based on this travel time, and determinewhether the calculated distance is within themaximum possible communication range. The basisof all these approaches is the following. The RoundTrip Travel Time (RTT) δ of a message in a wirelessmedium can, theoretically, is related to the distanced between nodes, assuming that the wireless signaltravels with a speed of light c:d=(δc) / 2and δ=2d/c ………………….. iii)The neighbor status of nodes is verified if dis within the radio transmission range R for R > d (dwithin transmission range): R >δc/2 and δ<2R/c. Inessence, the use of RTT eliminates the need for tightclock synchronization required in temporal leashes:a node only uses its own clock to measure time.However, this approach, while accounting formessage propagation, completely ignores messageprocessing time. When a message is sent by onenode and is acknowledged by another, the time ittakes for a node to process a message and to reply toit is generally non-negligible, particularly in thecontext of bounding short distances using signalswhose speed is similar to that of light in vacuum.After all, it takes the light less than 0.2 seconds tocircle the entire Earth around the equator.Outstanding clock precision and practicallynonexistent errors are required to bind distances onthe order of hundreds of meters.III. Overview of AODV ProtocolAd hoc On-Demand Distance Vector(AODV) routing is a routing protocol for mobile adhoc networks and other wireless ad-hoc networks. Itis jointly developed in Nokia Research Centre ofUniversity of California, Santa Barbara andUniversity of Cincinnati by C. Perkins and S. Das. Itis an on-demand and distance-vector routingprotocol, meaning that a route is established byAODV from a destination only on demand. AODVis capable of both unicast and multicast routing. Itkeeps these routes as long as they are desirable bythe sources. Additionally, AODV creates treeswhich connect multicast group members. The treesare composed of the group members and the nodesneeded to connect the members. The sequence
Ankur Ratmele, Asst. Prof. Rajesh Dhakad / International Journal of Engineering Researchand Applications (IJERA) ISSN: 2248-9622 www.ijera.comVol. 3, Issue 3, May-Jun 2013, pp.201-205203 | P a g enumbers are used by AODV to ensure the freshnessof routes. It is loop-free, self-starting, and scales tolarge numbers of mobile nodes. AODV definesthree types of control messages for routemaintenance:RREQ- A route request message istransmitted by a node requiring a route to a node. Asan optimization AODV uses an expanding ringtechnique when flooding these messages. EveryRREQ carries a time to live (TTL) value that statesfor how many hops this message should beforwarded. This value is set to a predefined value atthe first transmission and increased atretransmissions. Retransmissions occur if no repliesare received. Data packets waiting to be transmitted(i.e. the packets that initiated the RREQ). Everynode maintains two separate counters: a nodesequence number and a broadcast_ id. The RREQcontains the following fields.The pair <source address, broadcast ID> uniquelyidentifies a RREQ. Broadcast_id is incrementedwhenever the source issues a new RREQ.RREP- A route reply message is unicastback to the originator of a RREQ if the receiver iseither the node using the requested address, or it hasa valid route to the requested address. The reasonone can unicast the message back, is that every routeforwarding a RREQ caches a route back to theoriginator.RERR- Nodes monitor the link status ofnext hops in active routes. When a link breakage inan active route is detected, a RERR message is usedto notify other nodes of the loss of the link. In orderto enable this reporting mechanism, each node keepsa ―precursor list, containing the IP address foreach its neighbors that are likely to use it as a nexthop towards each destination.Wormhole AttackWormhole attack is a network layer attack.In a typical wormhole attack at least two colludingnodes in the network are located at different placesthat are not in direct communication range of eachother i.e. one near to the source node and anothernear to the destination node thus bypassinginformation from source node to destination nodeand disrupting proper routing. In Fig. 1, M1 and M2are two colluding nodes. The malicious node M1takes data near the source node then tunnels it to M2placed near the destination node. Communication ofdata occurs via path having this low latency link allthe times due to less number of hops.Fig.1 wormhole attackIV. Simulation DescriptionThe ns-2 simulator is the most popularnetwork simulator today Ns2 is a discrete eventsimulator targeted at networking research. Itprovides substantial support for simulation of TCP,routing and multicast protocols over wired andwireless networks. It consists of two simulationtools. The network simulator (ns) contains allcommonly used IP protocols. The network animator(nam) is use to visualize the simulations. Ns2 fullysimulates a layered network from the physical radiotransmission channel to high level applications.Ns2is an object oriented simulator written in C++ andOTcl. The simulator supports a class hierarchy inC++ and a similar class hierarchy within the OTclinterpreter. There is a one-to-one correspondencebetween a class in the interpreted hierarchy and onein the compile hierarchy.Simulation ParameterParameter ValueMobility Model Two Ray Ground ModelNodes (Wifi) 16Simulation Time 20secPacket Size 1000 bytesNode Speed 10m/sTraffic model CBRSimulation ScenarioFollowing are the simulation Scenarios in whichthere are 16 nodes. Node 0 is source node and node4 is the destination node.1. Simulation of AODV without wormholeAttack
Ankur Ratmele, Asst. Prof. Rajesh Dhakad / International Journal of Engineering Researchand Applications (IJERA) ISSN: 2248-9622 www.ijera.comVol. 3, Issue 3, May-Jun 2013, pp.201-205204 | P a g eFig.2 simulation of aodv2. Simulation of AODV with wormhole attackFig.3 Simulation of attackIn this node 3 and node 4 are the malicious nodesand wormhole link is established as shown. Packetis travelled through these malicious nodes. Sopackets will not reach to the destination.V. Performance Evaluation:The following are the graphs shown below. Thesegraphs are the throughput-time graph.a. Throughput/Time Graph without wormholeattackFig.4 Graph without wormhole attacka. Throughput/Time Graph with wormhole attackFig.5 Graph with wormhole attackVI. ConclusionIn this paper we carried out the simulationusing ns2.We used AODV protocol. In Fig.4 shownwithout wormhole attack packet reached to thedestination. Varying throughput with time indicatethat the packet reached to the destination but in theFig.5 shown with the wormhole attack there isconstant line i.e zero throughput ,which indicate thatno packet is reached to the destination becausemalicious node dropped all the received packet. Sono packet is received at the destination.Effects of wormhole attackEffect of wormhole attack in the network is thatpacket is not reached to the destination as shown inthe fig.5.REFERNCES C.Siva Ram Murthy and B. S. Manoj. “Adhoc wireless networks: Architecture andProtocols”. Prentice Hall Publishers, May2004, ISBN 013147023X. P.V.Jani, “Security within Ad-HocNetworks,” Position Paper, PAMPASWorkshop, Sept. 16/17 2002. P.V.Jani, “Security within Ad-HocNetworks,” Position Paper, PAMPASWorkshop, Sept. 16/17 2002. K.Biswas and Md. Liaqat Ali, “Securitythreats in Mobile Ad-Hoc Network”,Master Thesis, Blekinge Institute ofTechnology” Sweden, 22nd March 2007. Mishra Amitabh, Nadkarni Ketan M., andIlyas Mohammad. “Chapter 30: Security inwireless ad-hoc networks, the handbook ofAd hoc wireless network”.CRC PRESSPublisher, 2003.
Ankur Ratmele, Asst. Prof. Rajesh Dhakad / International Journal of Engineering Researchand Applications (IJERA) ISSN: 2248-9622 www.ijera.comVol. 3, Issue 3, May-Jun 2013, pp.201-205205 | P a g e The ns2 network simulator,”http://www.isi.edu/snam/ Y.-C. Hu, A. Perrig, D. B. Johnson;“Packet leashes: a defense againstwormhole attacks in wireless networks”;INFOCOM 2003, Twenty-Second AnnualJoint Conference of the IEEE Computerand Communication Societies, Vol. 3, pp.1976-1986, 2003. S.Capkun, L. Buttyan, J.-P. Hubaux;“SECTOR: Secure Tracking of NodeEncounters in Multi-Hop WirelessNetworks”; Proc. of the 1st ACMWorkshop on Security of Ad Hoc andSensor Networks; 2003. Y-C Hu, A. Perrig, D. Johnson; “RushingAttacks and Defense in Wireless Ad HocNetwork Routing Protocols”; Proc. ofWISE 2003, September 19, San Diego,California, USA, 2003. Korkmaz T.; “Verifying Physical Presence ofNeighbours against Replay-based Attacksin Wireless Ad Hoc Networks”; Proc.International Conference on InformationTechnology: Coding and Computing 2005,ITCC 2005, pp. 704-709, 2005. M.Parsons and P.Ebinger, “PerformanceEvaluation of the Impact of Attacks onmobile Ad-Hoc networks.