525 529


Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

525 529

  1. 1. ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology Volume 1, Issue 4, June 2012 Detecting Sequence Number Collector Problem in Black Hole Attacks in AODV Based Mobile Adhoc Networks Anand Nayyar, Assistant Professor, Department of Computer Applications & IT, KCL Institute of Management and Technology, Jalandhar E-Mail: anand_nayyar@yahoo.co.in mobile ad hoc networks (MANETs), wireless mesh networks,Abstract— Mobile Ad-hoc Network (MANET) is an wireless sensor networks.autonomous system, where nodes/stations are connected with eachother through wireless links. MANETs are highly vulnerable to A.CHARACTERISTICS OF MANETattacks due to the open medium, dynamically changing topology,lack of centralized monitoring and management point. The possible One of the classifications of wireless ad hoc network isand the commonest attack in ad hoc networks is the black hole MANET (Mobile ad hoc network).A mobile ad hoc networkattack. In the black hole attack, a malicious node advertises itself as (MANET), sometimes called a mobile mesh network, is ahaving the shortest path to the destination node. In the existingmethod a detection method based on checking the sequence number self-configuring network of mobile devices connected byin the Route Reply message by making use of a new message wireless links. Each device in a MANET is free to moveoriginated by the destination node was developed but the drawback independently in any direction, and will therefore change itshere is that a malicious node can play a role of sequence number links to other devices frequently. Each must forward trafficcollector in order to get the sequence number of as many other nodes unrelated to its own use, and therefore be a route. Theas possible. In this Research Paper, a system is being proposed via primary challenge in building a MANET is equipping eachwhich the sequence number collector problem is overcome by device to continuously maintain the information required toclassifying the nodes into three categories based on the behavior. properly route traffic[1]. Such networks may operate byThe malicious node is isolated from the active data forwarding and themselves or may be connected to the larger Internet.routing. The association between the nodes is used for the route MANETs are a kind of wireless ad hoc networks that usuallyselection. The scheme which is proposed in this research paper notonly increases the routing security but also make the nodes has a routable networking environment on top of a Linkcooperate among each other in the adhoc network. Layer ad hoc network. They are also a type of mesh network, but many mesh networks are not mobile or not wireless.Index Terms— Secured Routing, AODV, Black Hole Attack MANET are highly vulnerable to attacks due to openDetection, Malicious Nodes, Adhoc Network. medium, dynamically changing network topology, co-operative algorithms, lack of centralized monitoring and I. INTRODUCTION management point, lack of clear line defense. One of the A wireless ad hoc network is a decentralized wireless typical routing protocols for MANET is called Ad Hocnetwork. The network is ad hoc because it does not rely on On-Demand Distance Vector (AODV) [2] One of thepreexisting infrastructure, such as routers in wired networks possible and commonest attacks in ad hoc networks is theor access points in managed (infrastructure) wireless black hole attack.networks. Instead, each node participates in routing byforwarding data for other nodes, and so the determination of B. Ad-Hoc on-Demand Distance Vector Routing (AODVwhich nodes forward data is made dynamically based on the PROTOCOL)network connectivity. The decentralized nature of wireless adhoc networks makes them suitable for a variety of Ad-hoc On-Demand Distance Vector (AODV) Routing is aapplications where central nodes cant be relied on, and may routing protocol for mobile ad hoc networks (MANETs) andimprove the scalability of wireless ad hoc networks other wireless ad-hoc networks. It is a reactive routingcompared to wireless managed networks, though theoretical protocol, meaning that it establishes a route to a destinationand practical limits to the overall capacity of such networks only on demand. In contrast, the most common routinghave been identified. Minimal configuration and quick protocols of the Internet are proactive, meaning they finddeployment make ad hoc networks suitable for emergency routing paths independently of the usage of the paths. AODVsituations like natural disasters or military conflicts. The is, as the name indicates, a distance-vector routing protocol.presence of a dynamic and adaptive routing protocol will AODV avoids the counting-to-infinity problem of otherenable ad hoc networks to be formed quickly. Wireless ad distance-vector protocols by using sequence numbers onhoc networks can be further classified by their application as route updates, a technique pioneered by DSDV. AODV is capable of both unicast and multicast routing. In AODV, the network is silent until a connection is needed. At that point the network node that needs a connection broadcasts a 525 All Rights Reserved © 2012 IJARCET
  2. 2. ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology Volume 1, Issue 4, June 2012request for connection. Other AODV nodes forward this III. RELATED WORKmessage, and record the node that they heard it from, creating Satoshi Kurosawa et al.[4] proposed a Dynamic Learningan explosion of temporary routes back to the needy node. Method to detect black hole attack in AODV based MANET.When a node receives such a message and already has a route This paper analyzes the black hole attack which is one of theto the desired node, it sends a message backwards through a possible attacks in ad hoc networks. In conventional schemes,temporary route to the requesting node. The needy node then anomaly detection is achieved by defining the normal statebegins using the route that has the least number of hops from static training data. However, in mobile ad hocthrough other nodes. Unused entries in the routing tables are networks where the network topology dynamically changes,recycled after a time. When a link fails, a routing error is such static training method could not be used efficiently. Inpassed back to a transmitting node, and the process repeats. this paper, an anomaly detection scheme using dynamicMuch of the complexity of the protocol is to lower the training method in which the training data is updated atnumber of messages to conserve the capacity of the network. regular time intervals is proposed. Latha Tamilselvan et al.[5]For example, each request for a route has a sequence number. proposed a method to prevent black hole attack in MANET.Nodes use this sequence number so that they do not repeat To reduce the probability it is proposed to wait and check theroute requests that they have already passed on. Another such replies from all the neighboring nodes to find a safe route.feature is that the route requests have a "time to live" number Handling the timer expiration event is difficult The handlingthat limits how many times they can be retransmitted. of route reply packet takes more time. Payal N. Raj et al.[6]Another such feature is that if a route request fails, another proposed a dynamic learning system against black holeroute request may not be sent until twice as much time haspassed as the timeout of the previous route request. The attack in AODV based MANET. In this paper, aadvantage of AODV is that it creates no extra traffic for DPRAODV (Detection, Prevention and Reactive AODV) tocommunication along existing links. Also, distance vector prevent security threats of black hole by notifying otherrouting is simple, and doesnt require much memory or nodes in the network of the incident is proposed. Thecalculation. However AODV requires more time to establish prevention scheme detects the malicious nodes and isolates ita connection, and the initial communication to establish a from the active data forwarding and routing and reacts byroute is heavier than some other approaches. A RouteRequest sending ALARM packet to its neighbors. The calculation ofcarries the source identifier ,the destination identifier , the the threshold value is difficult. Zhao Min et al.[7] proposed asource sequence number , the destination sequence number , method to prevent cooperative black hole attack forthe broadcast identifier , and the time to live (TTL) field. MANETS. Two authentication mechanisms, based on the hash function, the Message Authentication Code (MAC) and C. BLACK HOLE ATTACK the Pseudo Random Function (PRF), are proposed to provide fast message verification and group identification, identifyOne of the possible and commonest attacks in Ad hoc multiple black holes cooperating with each other and tonetworks is the Black Hole attack[3]. In the Black Hole discover the safe routing avoiding cooperative black holeAttack the malicious nodes advertise itself as having the attack. Xiao Yang Zhang et al.[8] proposed a method toshortest path to the destination node. Black hole attack is one detect black hole attack in MANET. Every conventionalof the security threat in which the traffic is redirected to such method to detect such an attack has a defect of rather higha node that actually does not exist in the network. It’s an rate of misjudgment in the detection. In order to overcomeanalogy to the black hole in the universe in which things this defect, a new detection method based on checking thedisappear. The node presents itself in such a way to the node sequence number in the Route Reply message by making usethat it can attack other nodes and networks knowing that it of a new message originated by the destination node and alsohas the shortest path. MANETs must have a secure way for by monitoring the messages relayed by the intermediatetransmission and communication which is quite challenging nodes in the route is proposed Can detect more than one blackand vital issue. hole attacker at the same time. No need of any threshold or trust level. When a node moves out of the transmission range II. PROBLEM STATEMENT of the source node the source node assumes the normal node as a malicious node. When a normal node detects a maliciousWhen a node moves out of the transmission range of the node the node will broadcast an alarm msg. however thissource node, the source node assumes to be normal node as a alarm message may arrive at the source node in time formalicious node (False positive). When a normal node detects various reasons such as no route the source node. Thus thea malicious node the node will broadcast an alarm message. source node cannot judge that there is a malicious node in theHowever this alarm message may not arrive at the source route and begins to send data along this dangerous route.node in time for various reasons such as no route to the H.Lan Hguyen et al.[9] made a study of different types ofsource node. Thus the source node cannot judge that there is a attacks on multicast in MANET. Security is an essentialmalicious node in the root and begins to send data along this requirement in mobile ad hoc networks (MANETs).In thedangerous route(False negative). The sequence number above study the following are analyzed First, protocols thatgenerated by a destination node is very important, a use the duplicate suppression mechanism such as ODMRP,malicious node can play a role of sequence number collector MAODV, ADMR are very vulnerable to rushing attacks.in order to get the sequence number of as many other nodes Second, although the operations of black hole attacks andas possible by broadcasting request with high frequency to neighbor attacks are different they both cause the samedifferent nodes in MANET, so that this collector always degree of damage to the performance of a multicast group inkeeps the freshest of sequence numbers of other nodes. terms of packer loss rate. Finally, jellyfish attacks do not 526 All Rights Reserved © 2012 IJARCET
  3. 3. ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology Volume 1, Issue 4, June 2012affect the packet delivery ratio or the throughput of amulticast group, but they severely increase the packetend-to-end delay and delay jitter. The performance of amulticast session in MANETs under attacks depends heavilyon many factors such as the number of multicast senders, thenumber of multicast receivers, the number of attackers aswell as their positions. IV. PROPOSED SCHEME This section presents the extension of Association basedRouting which is to be applied over the AODV protocol inorder to enhance the security. The purpose of this scheme isto fortify the existing implementation by selecting the bestand secured route in the network. For each node in thenetwork, a trust value will be stored that represent the valueof the trustiness to each of its neighbor nodes. This trust valuewill be adjusted based on the experiences that the node haswith its neighbor nodes.In proposed scheme we classify the Association among thenodes and their neighboring nodes in to three types as below Fig.1: Block DiagramUNASSOCIATED (UA)The nodes that newly joined the network and those nodes B. CALCULATION OF TRUST VALUEwhich have not forwarded any message comes under thiscategory. The trust levels are very low and the malicious The trust values are calculated based on the followingbehavior is very high. parameters of the nodes. We propose a very simple equation for the calculation of trust value.ASSOCIATED (A) R= The ratio between the number of packets forwarded andThe nodes that have started to send message but have some number of packets to be forwarded. The threshold trust levelmore messages to forward come under this category. The is calculated by using (1)trust levels are neither low nor too high, probability ofmalicious nodes in the network is to be observed. A=Acknowledgement bit.(0 or 1)FRIEND (F) T= tanh (R+A)The nodes that have forwarded all the messages to thecorresponding destination falls under this category and thetrust levels between them are very high, probability ofmalicious behavior is very less.The following table shows the Association Table of Node 1in Fig. 1 Fig: Nodes in Ad-hoc Network 527 All Rights Reserved © 2012 IJARCET
  4. 4. ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology Volume 1, Issue 4, June 2012The following table shows the association table for Node 1 ratings. This protocol will converge to the AODV protocol if all the nodes in the ad hoc network are friends. In theNeighbors Nature of Association proposed scheme the route is not selected on the basis of first2 F arrival of RREP and waits till it gets the RREP from all3 F neighboring nodes and decides the routing path based on the4 A nature of Association between them. Thus the black hole5 F nodes are identified as unassociated in both the hops and6 UA were not given preference in the route selection.The threshold trust level for an unassociated node to become V. CONCLUSIONassociated to its neighbor is represented by TA and the In this paper we have discussed the characteristics of mobilethreshold trust level for a associated node to become a Friend adhoc network and about the Black hole attacks. Theof its neighbor is denoted by TF. The Associations are proposed scheme of Association based AODV protocolrepresented as increases the routing security and also encourages the nodesA (node x → node y) = F when T ≥ TF to cooperate in the adhoc structure. It identifies the maliciousA (node x → node y) = A when TA≤ T < TF nodes and isolates them from the active data forwarding andA (node x → node y) = UA when 0<T ≥ TA routing. Since the black hole node is the one which do notAlso, the Association between nodes is asymmetric, (i.e.,) A forward any message to the destination and consumes the(node x → node y) is an Association evaluated by node x entire message our proposed scheme identifies more than onebased on trust levels calculated for its neighbor node y. A black hole attacker node and the data is not allowed to pass(node y → node x) is the Association from the Association through the black hole node path thus delay and overhead intable of node y. This is evaluated based on the trust levels route selection is reduced.assigned for its neighbor. Asymmetric Associations suggestthat the direction of data flow may be more in one direction. REFERENCESIn other words, node x may not have trust on node y the sameway as node y has trust on node x or vice versa. [1] Elizabeth M, Royer, and Chai-Keong Toh: "A Review of CurrentRouting Protocols for Ad Hoc Mobile Wireless Networks," IEEE Personal Communications, pp. 46-55,C. Path Selection for Active Data Forwarding (April 1999).The following table shows the path chosen based on [2] C.E. Perkins, S,R, Das, and E. Royer: "Ad-I-Ioe onProposed Scheme Demand Distance Vector(AODV)", RFC 3561.Best Path P1 Best Path P2 Path Selection [3] H. Lan Nguyen and U, Trang Nguyen: "A study ofF F F is chosen in P1 different types of attacks on multicast in mobile ad hoc or P2 based on the networks", Ad Hoc Network,VoI.6,No. I, (2007). length of the path.F A F is chosen in P1 [4] Satoshi Kurosawa, Hidehisa Nakayama, Nei Kato, AbbasA F F is chosen in P2 Jamalipour, and Yoshiaki Nemoto: "Detecting BlackholeA A A is chosen in P1 Attack on AODV-based Mobile Ad Hoc Network by or P2 based on the Dynamic Learning Method", International Journal of length of the path Network Security, Vo1.5, PP.33S-346, (November, 2007).F UA F is chosen in P1 [5] Latha Tamilselvan, V. Sankaranarayanan: "Prevention of Black Hole Attack in MANEr", The 2nd internationalWhen any node wishes to send messages to a distant node, its conference on wireless, Broadband and Ultra Widebandsends the ROUTE REQUEST to all the neighboring nodes; Communications (January 2007).The ROUTE REPLY obtained from its neighbor is sorted bytrust ratings. The source selects the most trusted path. If its [6] Payal N. Raj and Prashant B. Swadas, “DPRAODV: Aone hop neighbor node is a friend, then that path is chosen for Dynamic Learning System Against Black Hole Attack Inmessage transfer. If its one-hop neighbor node is a AODV Based Manet”, IJCSI International Journal ofAssociated node, and if the one hop neighbor of the second Computer Science Issues, Vol. 2, 2009.best path is a friend choose C. Similarly an optimal path ischosen based on the degree of Association existing between [7] Zhao Min, Zhou Jiliu, “Cooperative Black Hole Attackthe neighbor nodes. Prevention for Mobile Ad Hoc Networks”, International Symposium on Information Engineering and ElectronicThe source selects the shortest and the next shortest path. Commerce, 2009.Whenever a neighboring node is a friend, the messagetransfer is done immediately. This eliminates the overhead of [8] Xiao Yang Zhang, yuji Sekiya and Yasushi wakahara,invoking the trust estimator between friends. If it is a “Proposal of a Method to Detect Black Hole Attack inassociated or unassociated, transfer is done based on the 528 All Rights Reserved © 2012 IJARCET
  5. 5. ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology Volume 1, Issue 4, June 2012MANET”, Autonomous Decentralized Systems, pp 1-6,ISADS 2009 .[9] H.Lan Hguyen and U.Trang Nguyen, “A Study ofDifferent Types of Attacks on multicast in Mobile Ad HocNetworks”, Ad Hoc Network,Vol.6, No.1, 2007.[10] N.Bhalaji, Dr.A.Shanmugam, “Association betweennodes to combat blackhole attack in dsr based manet”, 2009.[11] Network Simulator Official Site for PackageDistribution, web reference, http://www.isi.edulnsnam.Anand Nayyar (B.Com, MCA, M.Phil, M.Tech(IT), C-CyberLaw, C-IPR) an Academician, Researcher, Author andInnovator. He is certified in A+, CCNA, MCSE, MCTS,MCITP, RHCE, OCP, CEH and many more. He haspublished more than 100 Research Papers and has written 7books on Computer Science Topics. He is activelyresearching on Networks, Wireless Communications, AdhocNetworks, Mobile Adhoc Networks and Swarm Intelligence.Anand Nayyar is a part of more than 100 Journals EditorialBoards and Review Boards and has reviewed more than 400Research Papers. He is Life Member of various ResearchSocieties like ISTE, IAENG, IACSIT, AIAER, ISITA,ACM-CSTA, ISOC, SDIWC, UACEE, IAEST, ICST,GERA, IACAT, IAOE, APCBEES, SCIEI, MCDM,IAEME, British Science Association, EURO, ISI,PASS and many others. 529 All Rights Reserved © 2012 IJARCET