Blackhole attack in Manet

Fore More info Https://www.ThesisScientist.com
A DISSERATION
On
PREVENTION OF DOS AND BLACK HOLE ATTACK IN
AODV
For the award of the degree of
Master of Technology
(Computer Science and Engineering)
Session 2014 – 2016
Submitted by Supervised By
Sachin Gupta Mrs. Harsha Chawla
S14MCSE11 Assistant Professor
Department of CSE, NGFCET, Palwal Department of CSE, NGFCET, Palwal
MAHARSHI DAYANAND UNIVERSITY

CHAPTER 1
INTRODUCTION
1.1 OVERVIEW
The cellular networks or mobile networks are a communication networks where the last
link is wireless. The networks to be distributed over land areas called cells, each served
by at least one fixed-location transceiver, known as a cell site or base station. The
wireless cellular systems are being used since 1980s. We have seen their evolutions such
as first, second and third generation's of cellular wireless systems. These systems work
with the support of a centralized supporting structure such as the access point. In ad-hoc
network wireless users can be connected with the wireless systems with help of these
access points, when they want to roam from one place to the other. The adaptability of
the wireless systems is limited by the presence of a fixed supporting coordinates. It’s
mean that the technology can’t work efficiently in the places where is no permanent
infrastructure. Such type the fast network deployment is not possible with the existing
infrastructure of present wireless systems. Recent advancements such as Bluetooth’s
introduced a fresh type of a wireless system that is frequently known mobile ad-hoc
networks.
The mobile ad-hoc networks control does not depends upon the permanent preexisting
infrastructure. The mobile ad-hoc networks offers quick and horizontal networks
deployment in certain conditions where it is not possible otherwise. The Ad-hoc word is
a Latin word meaning of that is "for this or for this only." Mobile ad-hoc networks are an

autonomous system of the mobile nodes that are connected by wireless links; each node
operates as an end system and a router for all other nodes in the network. The wireless
networks are a growing new technology that will allow users to access services and
information electronically in respective of their geographic position. Wireless networks
can be classified into two types such as infrastructure networks and infrastructure less
networks. Infrastructure network consists of a network with fixed and wired gateways. A
mobile node or host interacts with a bridge in the network known as base station within
its communication radius. The mobile nodes are able to move geographically while these
are communicating with others. When mobile node goes out of the range of one base
station, it connects with other new base station and starts communication. This is known
as handoff and in this approach the base stations are fixed.
The Mobile Ad-Hoc Network is a group of wireless mobile nodes in that nodes to be
collaborated by forwarding packets to other to allow them to communicate outside range
of direct wireless transmission. The Ad-Hoc network does not need any types of
centralized administration or fixed network infrastructure such as base stations or access
points, and can be quickly and inexpensively set up as needed. In other words we can
say MANET is an autonomous group of mobile users that communicate over the
reasonably slow wireless links. The network topology may vary rapidly and
unpredictably over time, because the nodes are mobile. The MANET is decentralized,
where all the networks activity, including discovering. The topologies and delivery of
the messages must be executed by the nodes themselves. Hence routing functionality
will have to be incorporated into the mobile nodes.

A
B
c
Figure 1.1 Example of a simple ad-hoc network with three participating nodes
The Mobile Ad-Hoc network is a collection of independent mobile nodes that can
communicate to each other via radio waves. The mobile nodes are able to directly
communicate to those nodes that are within the range of radio range of each other, and
node beyond the communication range need the help of intermediate nodes to route their
packets. These networks are fully distributed, and can work at any place without the help
of any infrastructure. This property makes these networks highly robust. In Figure 1.1
nodes A and C must discover the route through B in order to communicate. The circles
indicate the nominal range of each nodes radio transceiver. Node-A and Node-C are not
in the direct transmission range of each other, since Node-A’s circle does not cover the
Node-C .So if A want to send a data to C it is obvious to involve B to forward the data
from A to C. Here B acts as an intermediate node. Without node B A cannot send the
data to C.
MANET is a kind of wireless ad-hoc network and it is a self-configuring network of
mobile routers (and associated hosts) connected by wireless links the union of which
forms an arbitrary topologies. The participating nodes acts as a router are free to move
randomly and manage themselves arbitrarily. Thus the wireless network's topology may

change rapidly and unpredictably such type networks may operate in standalone fashion,
or may be connected to the larger internet.
Mobile Ad-hoc Networks is a collection of group of wireless mobile node, i.e wireless
devices. The wireless nodes are connecting dynamically and sharing the information.
Basically there are two types of mobile ad-hoc networks: Infrastructure based and
networks with fixed and wired gateways. The bridges for wireless networks are known
as base station [1].The personal computer make wireless node using the wireless LAN
card, the PDA (Personal Digital Assistants) or Smartphone, the laptop or wireless
devices.
Fig: 1.1 Mobile Ad-hoc Networks
Fig.1.1 is defining the mobile ad-hoc network and how to communicate one wireless
device to another wireless device. A wireless node can be tackle of any employs. The air
as the transmission medium. As shown, wireless node may be physically connected to a
Laptop, a Mobile, or PDA, to enable wireless communication between them.

1.2 Characteristics of an Ideal Routing Protocol for Ad Hoc Wireless Network
Due to the issue in an Ad-Hoc wireless network environment discussed so for the wired
network routing protocols cannot be used in Ad-Hoc wireless networks. Hence Ad-Hoc
wireless networks always require specialized routing protocols that address all those
challenges that are described above. The routing protocols for the Ad-Hoc wireless
network should contain following characteristics:
 It must be fully distributed as like centralized routing involves the high control
overhead and hence it cannot scalable. The distributed routing mechanism is
more fault-tolerant than centralized routing, which involves the risk of single
point of failure.
 It must be adaptive to the frequent topology changes caused by the mobility of
the nodes.
 The route computation and maintenance must be involved a minimum number of
nodes. Each node in the network must have quick access to the route, that is,
minimum time connection set up time is desired.
 It must be localized, as the global state maintenance involves a huge state of the
propagation control overhead.
 It must be loop- free and free stale routes.

 The collisions of packets must be kept to a minimum by limiting the number of
broadcasts made by each node. All transmissions should be reliable to the reduce
message loss and prevent the occurrence of the stale routes.
 It must be covered to the optimal routes once the network topology becomes
stable. The convergence must be quick.
 It must optimally use the resources such as bandwidth, computing power,
memory, and battery power.
 Every node on the network should try to store the information regarding stable
local topology only.
 It should be able to provide a certain level of quality of services (QoS) as
demanded by applications, and should also offer support for time-sensitive
traffic.
1.3 Characteristics of MANET
The Mobile Ad-Hoc Network nodes are furnished with wireless transmitters and
receivers using antennas, that may be highly directional (point-to-point), omnidirectional
(broadcast), probably steerable, and combination thereof. At the given point in time,
depends on positions of nodes, their transmitter and receiver coverage patterns, the
communication power levels and co-channel interference levels, the wireless
connectivity in the form of a random Ad-Hoc network exists among the nodes. This

Ad-Hoc topology may modify with the times such as when nodes move or adjust their
transmission and reception parameters in the range.
The characteristics of these networks are summarized as follows:
 Dynamic topologies: In this nodes are free to move randomly, thus the network
topology that is typically multi-hop, may be changed randomly and rapidly at the
unpredictable time, and may consist of both unidirectional and bidirectional
links.
 Energy-constrained operation: Some or all of the nodes in a Mobile Ad-Hoc
Network may rely on power bank like a battery or other exhaustible means for
their energy. For all of these nodes the most important system design criteria is
energy conservation for optimization.
 Bandwidth-constrained & variable capacity links: The wireless links will be
having a significantly lower capacity than their hardwired counterparts.
Furthermore, afteraccounting of the effects of multiple accesses, fading, noise,
and interference conditions, the realized throughputs of the wireless
communications are often more less than a radio's maximum transmission rate.
 Limited physical security: The mobile wireless networks are normally much
prone to the physical securities threats than fixed-cable nets. The increased
possibilities of the eavesdropping, spoofing, and denial-of-service attacks need
to be carefully considered. Existing link securities techniques are often applied

within the wireless networks to reduce securities threats. As a benefit, the
decentralized nature of the networks control in MANETs always provides
additional robustness against the single points of failure of more centralized
approaches.
 Energy constrained function: Because battery used in every mobile node have
certain restricted power supply, limited processing power, which in turn limits
services and applications supported by each and every node. It becomes a big
issue in MANET because, as each node is act as a router and an end system at
the same time, to forward packets from other node addition energy is required.
 Independent and infrastructure-less: MANET does not depend on traditional
infrastructure or centralized administration. Every one node operates in spread
peer-to-peer mode, behaves as an independent router and generates an
independent data. Network managing has to be scattered across different nodes,
which brings added difficulty in fault finding and managing.
 Frequently/Dynamically changing network topologies: In MANET’s, nodes
can easily move randomly, the network topology, which is normally multi-hop,
can change commonly and unpredictably, resulting in route changes, possibly
packet losses and frequent network partitions [4].

 Multi-hop routing: No any predefine router is available; every node behaves as
a router and forwards each other’s packets information to enable the sharing
information between nodes and mobile hosts.
 Variation within a link and node capability of node: Each node ready with
one or more radio interfaces that have varying capabilities of
transmission/receiving and manage across the different frequency bands [14].
 Communication via wireless means.
 Nodes can perform the rolls of both hosts and routers.
 Frequent routing updates
1.4 The advantages of Mobile ad-hoc networks are
 Deployment cost is low: Ad hoc networks can be deploy on the fly, for this
reason no more costly infrastructure such as copper wires or data cables is not
required.
 Fast and easy deployment: Ad hoc networks are very well-situated and simple
to deploy, since there are no cables involved. So the deployment time can be
reduced.

 Dynamic Configuration: Ad hoc network configuration changes dynamically
over the time in MANET’s. While comparing to configurability of LANs, it is
very easy to change the networks topology of a wireless mobile ad-hoc network.
MANET has different feasible application. Some of them include emergency search-
rescue operations, communication in the battlefield during moving vehicles and soldiers.
Conferences and meeting.
1.1.3 Application of MANET
 Sensor networks:
• Inside the home Smart sensor and actuators embedded in consumers
electronic
• Body area networks (BAN)
• Data tracking of animal movements, chemical/biological detection and
environmental conditions.
 Tactical networks:
• Military communication
• Military operations
• In the battlefields

 Emergency services:
• Rescue operations and Search in the mountain and the desert.
• Replacement of fixed infrastructure. i.e. in case of environmental
calamities.
• Policing.
• Fire Alarm using sensor networks
• Supporting doctors and nurses in hospitals.
 Coverage extension:
• Extending cellular network access
• Link up with the intranets, Internet, and so on.
 Education:
• Campus settings and Universities.
• Classrooms.
• Ad hoc Network created for a meetings or lectures.
 Home and enterprise:
• Used in the wireless networking in office or home.

• Conferences, meeting rooms.
 Context aware services:
• Follow-on services: mobile workspace, call-forwarding,
• Information services: time dependent services, location specific services.
 Commercial and civilian environments:
• E-commerce: electronic payments
• Business: mobile offices and dynamic database access
• Shopping malls, trade fairs, sports stadiums and so on.
• Networks of visitors inside the airports [5].
1.4 Disadvantages of MANET
Some of the disadvantages of MANETs are as follows;
 Limited resources and physical security
 Intrinsic mutual trust vulnerable to attacks
 Lack of authorization facilities
 Volatile network topology makes it hard to detect malicious nodes

 Security protocols for wired networks cannot work for ad hoc networks.
1.1.4 Challenges of MANET
 Dynamic topology/Networks: Nodes are mobile and connected dynamically
in a random manner. Links of the network vary timely and are based on the
closeness of one node to another.
 Independent Network: No centralized administration node is available to
handle the operation of the different mobile nodes.
 Device discovery: Identifying relevant mobility in nodes and informing
about their existence need movable updates, route selection to facilitate
automatically
 Bandwidth optimization: The wired links have higher capacity then
wireless links
 Resource limitations: Mobile node depends on battery power, power and
storage capacity.
 Scalability: Scalability could be defined as whether network is able to
provide an acceptable level of services even in a presence of the extensive
number of nodes.
 Ad-hoc addressing: It belongs to addressing scheme which is to be
implemented.

 Network configuration: The dynamic connection and disconnection of the
variable links. Of MANE infrastructure is due to dynamic nature.
 Topology maintenance: Updating information of dynamic links among the
nodes in MANETs is a great challenge [6].
1.2 Motivation
Mobile Ad-Hoc Networks are most usefully in current environments. It’s required high
performance, networks load and Throughput. In Mobile Ad-hoc Networks Routing is the
hot topic for research. Basically two types routing protocols are work in the mobile Ad-
hoc Networks: 1) Proactive and 2) Reactive. Researchers have projected different
routing algorithm. Important work has been done on routing in ad hoc networks, some of
the important works so far were the destination-sequence distance vector (DSDV)
protocol, the temporally ordered routing protocol (TORA), dynamic source routing
protocol (DSR) and ad hoc on demand routing protocol (AODV). These algorithms use
Open Shortest Path First (OSPF) for find optimum route source to destination.
Malicious node is the main responsible for disturb the correct operation and reduce the
performance and throughput. Only malicious node is responsible for all possible attack
in mobile ad-hoc networks.

1.3 Problem statement
 In Ad hoc network where node work as a mobile and changing their position
in the network continuously so network is affected from malicious behavior
node.
 Performance of AODV is affected by the malicious behavior node because it
is main security threat in the MANET network. This type of problem is
arising due to routing performance in malicious .behavior node environment.
 Throughput and End-to End delayed depend on number of nodes as the
number of nodes increase, Throughput will decrease and End-to End delayed
increases.
 We are lagging in securing the network of AODV due to this malicious
behavior environment with less delay.
1.4 Goal
 The main objective of work is to check performance of Network in malicious
behavior of node environment and provide the prevention to the attack.
 Analysis of prevention scenarios, Throughput and end-to-end Delay for
Denial of Service (DoS) and Black Hole attacks and.

 The main focus of work for securing the network in malicious behavior
environment with less delay. Which improve the performance of MANET
and improve packet delivery rate.
1.5 Routing protocols in MANET
In Mobile ad hoc network Routing is primarily and most important concept for
communication in the network. The aim of routing is to find out and select the best route
between communicating node, when a communication take place between nodes in the
network intermediate node play a important role because when source node send route
request to destination node and destination node give reply of the route request to source
node, In this intermediate node take a part in communication between source to
destination, then create a route reply and sends the route reply to the source node
through intermediate node.
1.5.1 Characteristics of Routing Protocol
 It must be fully distributed in dynamic environment.
 It must be adaptive to frequent topology changes caused by the mobile nodes.
 It has an intelligent route discovery process and uses a loop-free routing.
 It produces reliable end-to-end transmission using limited bandwidth,
memory, battery and computing power.
 It maintains the particular level of quality of service.

1.6 Classifications of routing protocols
There are three types of routing protocols in Mobile ad-hoc networks.
1. Table Driven Routing Protocols.
2. On Demand Routing Protocols.
3. Hybrid Routing Protocol
The DSDV (Destination Sequenced Distance Vector Routing protocols), WRP (wireless
Routing protocol), OLSR (Optimized Link State Routing Protocol) is the Table driven
Routing protocols and AODV (Ad-hoc On-Demand Distance vector routing protocol),
DSR (Dynamic Source Routing protocol) are the On-Demand Routing Protocols.
Fig. 1.2 Classification of Routing Protocol in MANET
DSDV WRP OLSR AODV
V
DSR
Routing Protocols in MANET
Table Driven
Routing Protocols
On Demand
Routing Protocols
Hybrid Routing
Protocols

1.6.1 Table Driven Routing Protocols:
It is also called Proactive Routing Protocols. The Proactive means it works or maintains
the routing information before the source node wants to send packet or information to
the destination. The Table Driven Routing protocols maintain the updated path from
each to every node available in the networks. In these protocols every node needs to
maintain the routing table for storing the routing information. When topology of network
gets any changes, then routing table also get updated and stores the fresh or up-to date
information.
1.6.1.1 Destination Sequenced Distance Vector Routing Protocols (DSDV):
The Destination sequence distance vector routing protocols (DSDV) is the Table Driven
Routing Protocols. It is based on the Bellman-ford Routing Algorithm. The bellman
algorithm is used for finding the optimum path or route in the network. The Fig1.3 (a) is
DSDV routes establish for mobile networks. In this network nodes are connected to each
other. Table 1.1 (b) here is defining the routing table for Node 1. Node 1, routing table
is storing the information of every node connected to the network. The routing table
consists of information like Destination from Node 1, Next hop, Distance between Node
1 to other nodes and randomly generated Destination Sequence number.

Fig 1.3 (a) DSDV Route Establish: Networks
Table 1.1 (b) DSDV Route Establish: Node 1 Routing
In this protocol every node maintains a routing table that lists all current destinations.
The number of hops required reaching source node to destination node and sequence
Destination Next Hope Distance Destsequence
2 2 1 22
3 2 2 37
4 2 2 41
5 2 4 50
6 2 3 99
7 2 4 121
8 2 5 109
3
2
4
7
1
6
8
5

number is assigned by the destination node. Sequence number is used to decide old
route from new one and also to ignore the configuration loops. The node has frequently
broadcast their routing table to their immediate neighbors. Every node also broadcast its
routing table, if any change has occurred in its table from the last update.
In Fig 1.4 (a) and Table 1.2 (b) Node 7 is disconnected from Node 6 and established
connection with Node 8. So the routing table of Node 7 updated. Node 6 notices the
link-break and sends the updates with new route information.
Table Driven routing table updates are of two types: Full dumps and Incremental
updates. If the routing table updating is full dump, then the whole routing table to be
sends to the neighbor’s node. It update incrementally, only position changed entries sent
from the routing table since the final update and fit in a packet.
Fig 1.4 (a) DSDV Route Maintenance
3
2
4
7
1
6
8
5
7

Table 1.2 (b) DSDV Route Maintenance
When MANET network is stable, then incremental updates are sent to avoid over traffic.
If space in the update increments, then those entries whose sequence number has been
changed may be included. If two routes have the same sequence number then based on
the previous information or record, the shortest route will choose by the node and also
guess the settle time of routes. DSDV protocol reduces the Count to infinity problem and
provides loop free paths.
Destination Next Hope Distance Destsequence
2 2 1 22
3 2 2 37
4 2 2 41
5 2 4 50
6 2 3 99
7 2 4 121
8 2 5 109

1.6.1.2 Wireless Routing Protocol (WRP)
Wireless routing protocol is distance based distributed Bellman-Ford algorithms. and is
similar to DSDV. The WRP protocols can hold the routing information about all
communicating nodes in the network. WRP protocol maintains the precise and up-to-
date information about the network. In each node four routing tables were maintained
namely Message Transmission List (MST) are maintained. Distance Table (DT), Link
Cost Table (LCT) and Routing Table (RT).
The Distance Table (DT) consists of the destination node of distance and predecessor
node is maintained by neighboring nodes of that destination. All the up-to-date
information of destination is maintained by the Routing Table (RT). It also records the
hop number, shortest distance of path, from source to destination, predecessor &
successor node and flag. The flag indicates the status of the path. These are simple path
or a loop or the destination node not marked. Therefore this protocol avoids the problem
of counting-to-infinity. The Link Cost Table contains cost, hop number and periodic
updates. The broken link cost is denoted by (∞). The Message Transmission List (MSL)
contains retransmission of counter, the sequence Number, list of updates for updating of
the messages.
Update each message maintains the list of updates. Each and every transmission, the
counter value is decreased. The entry of each node is stored in Routing Table (RT). Each
node propagates the update messages within the network. If a node is not sending the
update messages, then it must send any other node’s message within the time for

continuing the connectivity. Similarly, if each node receives a message from new node,
then the new node entry must stored in the route table for avoiding the count-to-infinity
problem.
1.6.1.3 Optimized Link State Routing Protocol (OLSR)
Optimized Link State Routing Protocol is a proactive or table-driven routing protocol. It
is also a pure link state routing protocol. Optimized Link State Routing (OSLR) hold
request message i.e. hello message and Topology Control (TC) Messages to search the
link messages entire the network.
The protocol manages neighbour sensing, MPR selectors (Multipoint Relay) and MPR
information. Each node are using MPR selectors for selecting one-hop & two-hop
neighbours and also for periodically broadcasting the messages over the network. The
neighbour sensing hello messages contains list of the address of neighbours with
bi-directional link or two- hop neighbours. The neighbour node is selected on the basis
of MPR selectors. Each node selects its own set of Multi Point Relay. MPR information
contains TC messages and topology table.
The TC messages use the MPR selector table and sequence number to send their updates
throughout the network. The TC messages and routing tables were maintained by the
topology table. Each node maintains routing table. It consists of Destination address,
Next-hop-address and Distance for all known destination in the network. Routing paths
are calculated by the topology tables and recalculated after every updates in the network

in the neighboring route. Every node broadcast periodic message in the network, and
gets message using topology control message. Therefore, entry exist in topology table
for the same destination with higher sequence number, then the TC message for same
destination with low sequence number is discarded and also the new entry is recorded
1.6.2 On-Demand Routing Protocols
An on-Demand routing strategy creates and maintains path between source and
destination only when required and does not maintain a permanent routing entry in
routing of each destination. It includes two processes:
 Discovery of Route: When the source node, S wants to send a packet to the
destination node, it first checks its routing table to find the route to the
destination, if it is there, then the same route will use. Otherwise, it initiates
process of route discovery process through a packet having the address of
destination and the address of intermediate nodes to the destination.
 Route maintenance: Due to nature of node mobility or routing overhead, the
nodes changes their topology and hence the route maintenance must do.
Route maintenance is processed through the use of topology update messages
(acknowledgement).
There are two types’ reactive routing protocols.
 AODV (Ad-hoc On Demand Distance Vector Routing Protocols)
 DSR (Dynamic Source Routing Protocols)

1.6.2.1 AODV (Ad-hoc On Demand Distance Vector Routing Protocols)
Ad-hoc On-Demand Distance Vector Routing Protocol is using a multi-hop technology
based on distance vector routing protocol. The routes were created only when needed for
communication between source and destination through intermediate mobile hosts.
In AODV [3], Ad-hoc means node move or connected or disconnected with the
networks any time, On Demand means when a source node, S wants to send data to the
destination, D, Distance means find the distance between source to destination in terms
of number of hope counts and Vector means list of information stored in the node’s
information list.
Every transmission using Source Address, Destination Address, Source ID, Destination
ID, Source Sequence Number, Time to Live (TTL) Destination Sequence Number.
These protocols use the Open Shortest Path First (OSPF) method/Algorithm. The
AODV algorithm uses some approaches for path or route establishment [13].
Route Request (RREQ): In Route Request source node broadcast/transmit the route
request message for specific destination neighbor’s node to pass the message to
destination
Route Reply (RREP): In Route Reply, destination uses the unicast route for reply
message to source. The neighbor nodes make next hop entry for destination and forward
the reply. If source receives multiple replies then it use the replies whose one with the
shortest hop count route/path.

SSN (Source Sequence Number) and DSN (Destination Sequence Number): When
source node sends the broadcast packet with sequence number and destination sequence
number, then it is defining the fresh path.
Route Error (RERR): When a route error message is generated in the network then
there is a network link break between sources and destination. The AODV routing
protocols detects nodes if there is possible do the local repairing. When link break
occurred in optimum path then the neighbouring node to sent previous request for
sending the message to destination.
RREQ
Source Destination
Fig 1.5 Route Request Message in AODV
Fig 1.5 is a mobile wireless network. Node 1 (Source) to Node 8 (Destination Node)
flood the route request packets with a source sequence within the network. Node 1 send
route request to all neighbors and neighbors through Destination.
1
5
2 7
6
3 4
8

RREP
Source Destination
Fig 1.6 Route Reply Message in AODV
In Fig 1.6 Destination uses the unicast path for the route reply. Destination in the figure
is replying the route request on symmetric link. Destination Sequence number is
defining the freshness of the route/path. In network source node counts the number of
hop to reach the destination and find the route with minimum number of hopes. Source
node selects this route for data transfer.
RERR
Source Destination
Fig 1.7 Route maintenance
1
5
2 7
6
3 4
8
1
5
2 7
6
3 4
8

In AODV route maintenance happens when link break in the network, it broadcasts the
route error (RERR) packet to its neighbors, which in reply propagates the RERR packet
towards the node whose routes may be affected due to the disconnected link. Then, the
affected source node can re-initiate a route discovery process if the route is still desired.
Neighbor node informs all other neighbors in the network that this link does not exist,
so don’t send any packet on that link. In Fig 1.7 there is a link break between Node 4
and Node 8.So node 4 informs Node 3 that there is a link break so choose another
optimum path.
1.6.2.1.1 Advantages of AODV
 The AODV protocol does not require any such inner organizational
method to handle any routing process.
 In AODV routes are established on the demand basis and that destination
sequence numbers are applied for finding the latest route to the
destination node.
 The connection setup delay is lower.
 The AODV protocols are loop free and avoid the count to infinity
problem.
1.6.2.2 DSR (Dynamic Source Routing Protocols)

DSR also a reactive routing protocols. A node maintains the route caches containing
source routes that it is aware of. The node update entry in the route cache and it learn
regarding fresh or latest route.
This routing protocol has two main phases:
 Route Discovery
 Route Maintenance.
When source node wants to send information or packet to the destination, it searches in
the route cache to find out whether there is an existing route to destination, if it found
that unexpired path to the destination exists in route cache, and then it uses this
path/route to send the packet or information. But if node does not have any route then it
starts the route discovery process using broadcasting/transmitting a route request packet.
The route request packet has source address and also has unique identification number.
Every middle node checks whether it knows the route to destination. If it does not know,
then it stores address to the route record of the packet and pass the packet to its
neighbors.
A route reply message generated either the middle node or destination node with up to
date information about the destination after receiving the route request packet. A route
request packet reach at node already contains in the route record, the sequence of hops
are taken from the source to this node. The route request packet propagates through the
networks.

Fig 1.8 Route Establishment
The route record is produced below as shown in Fig 1.8 if route reply is generated by the
destination node, after this it places a route record from the route request packet into the
route reply packet. If middle node generates route reply then it stores its cached route
and sends to destination with route record of route request packet and adds that into the
route reply packet.
4
6
10
1
2
3
7
9
11
14
15
13
12
8
5
Source ID
Destination ID
Network Link
Route Request
Route Reply
Path1: 1-2-3-7-9-13-15
Path2:1-5-4-12-15
Path3:1-6-10-11-14-15

The route reply packet individually sent by destination itself. The node responding to
route reply packet sent by destination has a route to source. If it has route to the source
in its route cache then it will use that route. The reverse of route record use, if symmetric
links are supporting. If symmetric link are not supporting then the node can start route
discovery to source and can attach the route reply to this new route request.
Fig 1.9 Route maintenance
The route reply packet individually sent by destination itself. The node responding to
route reply packet sent by destination has a route to source. If it has route to the source
4
6
10
1
2
3
7
9
11
14
15
13
12
8
5
Source ID
Destination ID
Network Link
Select Path
Route Error
Broken Link

in its route cache then it will use that route. The reverse of route record use, if symmetric
links are supporting. If symmetric link are not supporting then the node can start route
discovery to source and can attach the route reply to this new route request. The DSR
routing protocols use two type of packets for route maintenance: Route Error and
Acknowledgements.
When a node encounter a deadly broadcast problem at data link layer then it generate
route error packet. When nodes receive the route error packet, it will remove the hop
from its route cache. All routes that contain the hop in error are reduced at that position.
Acknowledgement packets are used to verify the proper operation of the route link. Also
include the passive acknowledgment in which the next hop passing the packet next to
the route.
1.6.3 Hybrid Routing Protocols
The Hybrid routing protocol is combination of the both such as reactive and proactive
routing protocols. It was proposed to minimize the control overhead of Proactive
Routing Protocols and also to decrease the latency caused by route discovery within
reactive routing protocols example of this is ZRP.
ZRP was planned to minimize the control overhead of the proactive routing protocols
and discovery in the reactive routing protocols and also decrease latency caused by the
route. The ZRP consists of several numbers of components, and these together

components give the benefits of ZRP. Each components work independently to provide
the efficient result.
Components of ZRP are:
 IARP ( Intrazone Routing Protocol )
 IERP ( Interzone Routing Protocol)
 BRP (Boardercast Resolution protocol )
The IARP is the first component of ZRP. The IARP is used for the communication with
the interior node inside a zone. If a network topology change, node may get change
rapidly. it allow for only local route. IERP is a global reactive component of ZRP. It
uses the reactive approach to communicate with nodes outside the zone. It changes the
way a route discovery is handled. The route queries issued by IERP is when request for
the route issue. BRP is used to direct the route request initiated by a global reactive
IERP. It is used to maximize efficiency and increase the disused queries.
1.7 Organization of the Thesis
Literature Survey is discussed in the chapter 2, this section is covered with various
security issues, Taxonomy of AODV and Literature review of AODV.
In chapter 3 various attacks in AODV and Problem statement are discussed such as Dos
and Blackhole attack, malicious node and problem statement due to Denial of service
attack and Black hole attack in the Network Layer.

The chapter 4, in this proposed work of my research works is discussed. Explained the
actually flow of research and explain about the research scheme.
The chapter 5 and 6 consists of the experimental results and conclusion here defines the
simulation model NS-2 for implementation and specification of parameters and
discussed about the initials developed networks and after add malicious node for build
up the Denial of Service and Black Hole attacks. Provide the results both environments
in terms of End-to-End delay and Throughput. And Conclusion and future work of
thesis.

Appendix I- Terminology
I.1 General Terms
Bandwidth: Total link capacity of a link to carry information
Channel: In this physical medium is divided into logical channel allowing possibly
shared uses of the medium. Channels are made by available subdividing the medium
into distinct time slots, distinct spectral bands.
Convergence: The process of approaching a state of the equilibrium in that all nodes in
the networks are agree on a consistent state about the topology using in the network.
Flooding: Flooding is a process of delivering data or control message to every node
within the any data network.
Host: Any node that is not a router.
Interface: A node attachment to a link
Link: A communication facility or a medium over which nodes can communicate at the
link layer.
Loop free: Once a path has been taken by a packet never transits the same intermediate
node twice before arrival at the destination.
Neighbor: The node within transmitter range of another node on the same channel.

Next hop: A neighbor, which has been designed to forward packets along the way to a
particular destination.

CHAPTER 2
LITERATURE SURVEY
2.1 Routing Protocols
Routing is the mechanism used to move data information from one place such as source
node to another place such as destination node on the internetwork. At least one
intermediate node of the internetwork will be encountered during the transfer of
information. In the routing normally two activities to be involved in this concept such
that first one is as determining optimal routing paths and second one is that transferring
of the packets through the network. The transferring of data packets on the network
through an internetwork is called as packet switching. Routing protocols use several
metrics as a standard measurement for calculating a best path for routing the packets to
its destination on the network that could be number of hops, which are used by the
algorithm known as routing algorithm to determine the optimal path for the packet to its
destination. In path determination process a routing algorithm find out and maintain
routing tables that has routing information of the network on that data packet has to
transfer. The information of route in routing tables varies from one routing algorithm to
another. The routing tables to be filled with the entries such as IP-Address prefix and the
next hop. Destination/next hop associations of routing table tells the router that a desire
location can be reached optimally by sending the data packet to a router in the network
represents the next hop on its way to the find the destination and IP-Address prefix
specifies destinations for which the routing entry is valid. The routing protocol may be
classified into two types such as static routing protocol and dynamic routing protocol.

Static routing refers to the routing mechanism being stated as manually or statically, in
the router. Static routing maintains a routing table usually it is written by a networks
administrator. The routing table never depend upon the situation of the network status,
i.e., whether the destination node is active or not. Dynamic routing refers to the routing
procedure that is being learnt intelligently by an interior routing protocol or exterior
routing protocol. Such type routing primarily depends on the situation state of the
network i.e., the routing table is affected by the activeness of the destination.
2.2 Routing in Mobile Ad hoc Networks
A Mobile Ad-Hoc network is self-organizing and self-configuring multi-hops wireless
and decentralizes networks, where the state of the structure of the network changes
dynamically. This is mainly cause of the mobility of the nodes in the network; nodes in
the networks always try to utilize the same random access wireless channel of the
network, cooperating in an intimate manner to engaging themselves in the multi-hop
forwarding. The mobile nodes in the network only does not acts as a hosts, but also as
routers that route data to from the others nodes in network. In mobile ad-hoc networks
there is no need of pre existing infrastructure support as wireless networks, and since a
destination node might be out of range of a source node to transferring data packets; so
that there is need of a routing procedure. This is always ready to find a path so as to
forward the data packets appropriately between the source node and the destination
node. Within a cell, a base station can reach to all mobile nodes without using a routing
via broadcast in common scenario of the networks. In Ad-Hoc network each node must
be able to forward the data packets for other nodes. This always creates additional

problems due to dynamic nature of topology which is unpredictable connectivity
changes problems along with the nature of dynamic topology which is unpredictable
connectivity changes.
2.3 Properties of Ad-Hoc Routing protocols
The properties that are desirable in Ad-Hoc Routing protocols are:
i). Distributed operation: This is a property of Ad-Hoc routing protocol in this the
protocol should be distributed. It should not be dependent on a centralized administrator
that controls the network. The dissimilarity is that the nodes in an Ad-Hoc network is
able to leave or enter in the network very easily because of mobility the network can be
partitioned.
ii). Loop free: The overall performance of the network can be improved with better
selection of the protocol. The routing protocol should be assurance that the routes
supplied are loop free and these avoid any misuse of the bandwidth or CPU
consumption.
iii). Demand based operation: To minimize the control overhead in the network it
should not misuse the network resources, protocol should be reactive in nature and
protocol should react only when it is needed and should not periodically broadcast
control information.

iv). Unidirectional link support: The radio environment is a cause of formation of an
unidirectional links. Even not only the bi-directional links improves the routing protocol
performance along with utilization of these links and.
v). Security: The radio environment is especially vulnerable to impersonation attacks so
it becomes more important to ensure the wanted behavior of the routing protocol we
have to need some sort of security issues. Authentication and encryption is a way of
delivery data packets and problem is that here within distributing the keys among the
nodes in the ad-hoc network.
vi). Power conservation: The nodes in the Ad-Hoc network may be the laptops and thin
clients such as PDA that are limited to the battery power and therefore uses some
standby mode to save the power. Therefore, it is very important that the routing protocol
has to support for these sleep modes.
vii). Multiple routes: To reduce the number of reactions in the topological changes and
congestion multiple routes can be used for data packet delivery. If one route becomes
invalid, it is possible that another stored route could be still valid and thus saving the
routing protocol from initiating another route discovery procedure.
viii). Quality of Service Support: Some sort comings of Quality of service is necessary
to incorporate into the routing protocol. This helps us to find that what these networks
will be used for. It could be for instance real time traffic support.

For more than two decades, the extensive research work has been done in this area. This
chapter will discuss the various techniques and ways, proposed by different researchers
for preventing and avoiding different attacks and malicious nodes in AODV and
improve the packets delivery ratio in the network, end to end delay and throughput.
Many researchers measure the performance of AODV in malicious environment.
In this we will classify the field of attacks and counter measures and measure the
performance on the basis of different parameter like delivery ratio, end to end delay etc.
we will discuss the applicability of this field vividly in current network age with issues
and challenges faced during over coming them.
2.4 Classification of Routing Protocols
Classification of routing protocols in Mobile Ad-Hoc Network can be made in several
ways, but most of these are done depending on routing strategy and network structure.
We can classify some routing protocols as a flat routing, hierarchical routing and
geographic position assisted routing depending on the structure of the network.
According to the routing strategy routing protocols can be classified as Table-driven and
source initiated.
2.4.1 Flat Routing Protocols
Flat routing protocols are divided mainly into two classes such as first one is the
Proactive Routing (table driven) protocols and second one is the reactive (on-demand)
routing protocols. There is one thing in general for both protocol classes is that every
node participating in routing play an equal role. Further they have been classified after

their design principles; proactive routing is mostly based on link-state, while on-demand
routing is based on DV (distance-vector).
2.4.1.1 Pro-Active / Table Driven routing Protocols
Proactive MANET protocols are also referred as table-driven routing protocols and will
actively determine the network layout. Through a regular exchange of topology of the
network packets between the nodes of the network, at every single node an absolute
scenario of the network is maintained. There is hence minimal delay in determining the
route to be taken.
When the routing information becomes worthless quickly its become important for the
time-critical traffic, there are many short-lived routes that can be determined and they
are not used before they turn invalid. The amount of traffic overhead generated when
evaluating these unnecessary routes is another drawback resulting from the increased
mobility. The portion of the total control traffic consists of actual practical data is further
decreased. Lastly, most of the routing information is considered redundant if the nodes
transmit infrequently. However, the nodes continue to expend energy by continually
updating these unused entries in their routing tables as mentioned. In this situation
energy conservation is very important factor in the MANET system design. Therefore,
this excessive expenditure of energy is not desired in this case proactive protocols in
MANET works better. This protocol has low node mobility, where the nodes transmit
data frequently. The proactive routing protocols in MANET include;
 Optimized Link State Routing (OLSR).

 Destination-Sequenced Distance Vector (DSDV)
 Fish-eye State Routing (FSR).
 Cluster-head Gateway Switch Routing Protocol (CGSR).
2.4.1.2 Reactive (On Demand) protocols
Portable notebooks nodes, palmtops or even mobile phones usually consist of wireless
Ad-Hoc networks. This portability also brings a significant issue of mobility. This is a
key issue in The Ad-Hoc Networks. Due to the mobility of the nodes the topology of
the network continuously changes. This is not a easy task to keeping track of this
topology, and too many resources may be consumed in signaling. These are based on
the design that there is no point on trying to have a scenario of the entire network
topology, since it constantly changes. Instead, whenever a node looks for a route to a
destination, it initiates route discovery process, for discovering out a pathway reactive
protocol try to set up routes on-demand. The basic purpose of routing protocol is to
establish such a route, whenever any node wants to communicate with another node and
it has no route. This kind of protocols is usually based on flooding of the message on
the network with RREQ and RREP messages. By the help of Route Request message
the route is discovered from source to target node and as well target node receives a
RREQ message it send RREP message for the confirmation for the route has been
established. This kind of protocol is usually very effective on single-rate networks.
Usually, it minimizes the number of hops for the selected path. However, on multi-rate

networks, the number of hops is not as important as the throughput that can be obtained
on a given path. The different types of On Demand driven protocols are:
 Ad-Hoc On Demand Distance Vector routing protocol (AODV)
 Dynamic Source routing protocol (DSR)
 Temporally ordered routing algorithm (TORA)
 Associativity Based routing protocol (ABR)
 Signal Stability-Based Adaptive Routing protocol (SSA)
 Location-Aided Routing Protocol (LAR)
2.4.1 Hybrid Routing Protocols
Both proactive and reactive routing protocols works better in the oppositely different
scenario and hybrid method uses both. It is used to find a balance between both
protocols such proactive operations to be restricted to small domain, whereas, reactive
protocols are used for locating nodes that are outside the domains. Examples of hybrid
protocols are:
 Zone Routing Protocol, (ZRP)
 Wireless Ad hoc Routing Protocol, (WARP)
2.4.3 Hierarchical Routing Protocols
As the size of the wireless network increases produce too much overhead for the
MANET. In this circumstance a hierarchical solution may be preferable and these are:
 Hierarchical State Routing (HSR).

 Zone Routing Protocol (ZRP).
 Cluster-head Gateway Switch Routing Protocol (CGSR).
 Landmark Ad Hoc Routing Protocol (LANMAR).
2.4.4 Geographical Routing Protocols
There are two approaches to geographic mobile ad hoc networks:
1. Actual geographic coordinates (as obtained through GPS – the Global Positioning
System).
2. Reference points in some fixed coordinate system.
An advantage of geographic routing protocols is that they prevent network-wide
searches for destinations. If the recent geographical coordinates are known then control
and data packets can be sent in the general direction of the destination. This trim downs
control overhead in the network. A disadvantage is that all nodes must have access to
their geographical coordinates all the time to make the geographical routing protocols
useful. The routing updates must be done faster in compare of the network mobility rate
to consider the location-based routing effective. This is because locations of nodes may
change quickly in a MANET. Examples of geographical routing protocols are:
 Geo Cast (Geographic Addressing and Routing)
 DREAM (Distance Routing Effect Algorithm for Mobility)
 GPSR (Greedy Perimeter Stateless Routing)


2.5 AD HOC ON-DEMAND DISTANCE VECTOR (AODV)
The Ad hoc On-Demand Distance Vector (AODV) algorithm enables dynamic, self-
starting, multihop routing between participating mobile nodes wishing to establish and
maintain an ad hoc network. AODV allows mobile nodes to obtain routes quickly for
new destinations, and does not require nodes to maintain routes to destinations that are
not in active communication. AODV allows mobile nodes to respond to link breakages
and changes in network topology in a timely manner. The operation of AODV is loop-
free, and by avoiding the Bellman-Ford "counting to infinity" problem offers quick
convergence when the ad hoc network topology changes (typically, when a node moves
in the network). When links break, AODV causes the affected set of nodes to be notified
so that they are able to invalidate the routes using the lost link. One distinguishing
feature of AODV is its use of a destination sequence number for each route entry. The
destination sequence number is created by the destination to be included along with any
route information it sends to requesting nodes. Using destination sequence numbers
ensures loop freedom and is simple to program. Given the choice between two routes to
a destination, a requesting node is required to select the one with the greatest sequence
number.

Figure 2.1 A possible path for a route reply if A wish to find a route to J
Route Requests (RREQs), Route Replies (RREPs), and Route Errors (RERRs) are the
message types defined by AODV. These message types are received via UDP, and
normal IP header processing applies. So, for instance, the requesting node is expected to
use its IP address as the Originator IP address for the messages. For broadcast messages,
the IP limited broadcast address (255.255.255.255) is used. This means that such
messages are not blindly forwarded. However, AODV operation does require certain
messages (e.g., RREQ) to be disseminated widely, perhaps throughout the ad hoc
network. The range of dissemination of such RREQs is indicated by the TTL in the IP
header. Fragmentation is typically not required. As long as the endpoints of
communication connection have valid routes to each other, AODV does not play any
role. When a route to a new destination is needed, the node broadcasts a RREQ to find a
route to the destination. A route can be determined when the RREQ reaches either the
destination itself, or an intermediate node with a 'fresh enough' route to the destination.
A 'fresh enough' route is a valid route entry for the destination whose associated

sequence number is at least as great as that contained in the RREQ. The route is made
available by unicasting a RREP back to the origination of the RREQ. Each node
receiving the request caches a route back to the originator of the request, so that the
RREP can be unicast from the destination along a path to that originator, or likewise
from any intermediate node that is able to satisfy the request. Nodes monitor the link
status of next hops in active routes. When a link break in an active route is detected, a
RERR message is used to notify other nodes that the loss of that link has occurred. The
RERR message indicates those destinations (possibly subnets) which are no longer
reachable by way of the broken link. In order to enable this reporting mechanism, each
node keeps a "precursor list", containing the IP address for each its neighbors that are
likely to use it as a next hop towards each destination. The information in the precursor
lists is most easily acquired during the processing for generation of a RREP message,
which by definition has to be sent to a node in a precursor list If the RREP has a nonzero
prefix length, then the originator of the RREQ which solicited the RREP information is
included among the precursors for the subnet route (not specifically for the particular
destination). A RREQ may also be received for a multicast IP address. In this document,
full processing for such messages is not specified. For example, the originator of such a
RREQ for a multicast IP address may have to follow special rules. However, it is
important to enable correct multicast operation by intermediate nodes that are not
enabled as originating or destination nodes for IP multicast address, and likewise are not
equipped for any special multicast protocol processing. For such multicast-unaware
nodes, processing for a multicast IP address as a destination IP address MUST be carried

out in the same way as for any other destination IP address. AODV is a routing protocol,
and it deals with route table management. Route table information must be kept even for
short-lived routes, such as are created to temporarily store reverse paths towards nodes
originating RREQs. AODV uses the following fields with each route table entry:
 Destination IP Address
 Destination Sequence Number
 Valid Destination Sequence Number flag
 Other state and routing flags (e.g., valid, invalid, repairable, being repaired)
 Network Interface
 Hop Count (number of hops needed to reach destination)
 Next Hop
 List of Precursors
 Lifetime (expiration or deletion time of the route
2.6 AODV Terminology
Active route: It is a route towards a destination that has a routing table entry that is
marked as valid. Only active routes can be used to forward data packets.
Broadcast: Broadcasting means transmitting to the IP Limited Broadcast address,
255.255.255.255. A broadcast packet may not be blindly forwarded, but broadcasting is
useful in enabling dissemination of AODV messages throughout the ad hoc network.

Destination: It is an IP address to which data packets are to be transmitted. It is the
same as "destination node". A node knows it is the destination node for a typical data
packet when its address appears in the appropriate field of the IP header. Routes for
destination nodes are supplied by action of the AODV protocol, which carries the IP
address of the desired destination node in route discovery messages.
Forwarding node: It is a node that agrees to forward packets destined for another node,
by retransmitting them to a next hop that is closer to the unicast destination along a path
that has been set up using routing control messages.
Forward route: It is a route set up to send data packets from a node originating a Route
Discovery operation towards its desired destination.
Invalid route: It is a route that has expired, denoted by a state of invalid in the routing
table entry. An invalid route is used to store previously valid route information for an
extended period of time. An invalid route cannot be used to forward data packets, but it
can provide information useful for route repairs, and also for future RREQ messages.
Originating node: It is a node that initiates an AODV route discovery message to be
processed and possibly retransmitted by other nodes in the ad hoc network. For instance,
the node initiating a Route Discovery process and broadcasting the RREQ message is
called the originating node of the RREQ message.

Reverse route: It is a route set up to forward a reply (RREP) packet back to the
originator from the destination or from an intermediate node having a route to the
destination.
Sequence number: It is a monotonically increasing number maintained by each
originating node. In AODV routing protocol messages, it is used by other nodes to
determine the freshness of the information contained from the originating node. [7]
2.7 Operations
2.7.1 Maintaining Sequence Numbers
Every route table entry at every node MUST include the latest information available
about the sequence number for the IP address of the destination node for which the route
table entry is maintained. This sequence number is called the "destination sequence
number". It is updated whenever a node receives new (i.e., not stale) information about
the sequence number from RREQ, RREP, or RERR messages that may be received
related to that destination. AODV depends on each node in the network to own and
maintain its destination sequence number to guarantee the loop-freedom of all routes
towards that node. A destination node increments its own sequence number in two
circumstances:
 Immediately before a node originates a route discovery, it MUST increment its
own sequence number. This prevents conflicts with previously established
reverse routes towards the originator of a RREQ.

 Immediately before a destination node originates a RREP in response to a
RREQ, it MUST update its own sequence number to the maximum of its current
sequence number and the destination sequence number in the RREQ packet.
When the destination increments its sequence number, it MUST do so by treating the
sequence number value as if it were an unsigned number. To accomplish sequence
number rollover, if the sequence number has already been assigned to be the largest
possible number representable as a 32-bit unsigned integer (i.e., 4294967295), then
when it is incremented it will then have a value of zero (0).On the other hand, if the
sequence number currently has the value 2147483647, which is the largest possible
positive integer if 2's complement arithmetic is in use with 32-bit integers, the next value
will be 2147483648, which is the most negative possible integer in the same numbering
system. The representation of negative numbers is not relevant to the increment of
AODV sequence numbers. This is in contrast to the manner in which the result of
comparing two AODV sequence numbers is to be treated
In order to ascertain that information about a destination is not stale, the node compares
its current numerical value for the sequence number with that obtained from the
incoming AODV message. This comparison MUST be done using signed 32-bit
arithmetic, this is necessary to accomplish sequence number rollover. If the result of
subtracting the currently stored sequence number from the value of the incoming

sequence number is less than zero, then the information related to that destination in the
AODV message MUST be discarded, since that information is stale compared to the
node's currently stored information.
The only other circumstance in which a node may change the destination sequence
number in one of its route table entries is in response to a lost or expired link to the next
hop towards that destination. The node determines which destinations use a particular
next hop by consulting its routing table. In this case, for each destination that uses the
next hop, the node increments the sequence number and marks the route as invalid.
Whenever any fresh enough (i.e., containing a sequence number at least equal to the
recorded sequence number) routing information for an affected destination is received
by a node that has marked that route table entry as invalid, the node SHOULD update its
route table information according to the information contained in the update. A node
may change the sequence number in the routing table entry of a destination only if:
 it is itself the destination node, and offers a new route to itself, or
 it receives an AODV message with new information about the sequence
number for a destination node,
 the path towards the destination node expires or breaks.
2.7.2 Generating Route Requests
A node disseminates a RREQ when it determines that it needs a route to a destination
and does not have one available. This can happen if the destination is previously
unknown to the node, or if a previously valid route to the destination expires or is

marked as invalid. The Destination Sequence Number field in the RREQ message is the
last known destination sequence number for this destination and is copied from the
Destination Sequence Number field in the routing table. If no sequence number is
known, the unknown sequence number flag MUST be set. The Originator Sequence
Number in the RREQ message is the node's own sequence number, which is
incremented prior to insertion in a RREQ. The RREQ ID field is incremented by one
from the last RREQ ID used by the current node. Each node maintains only one RREQ
ID. The Hop Count field is set to zero.
Before broadcasting the RREQ, the originating node buffers the RREQ ID and the
Originator IP address (its own address) of the RREQ for PATH_DISCOVERY_TIME.
In this way, when the node receives the packet again from its neighbors, it will not
reprocess and re-forward the packet. An originating node often expects to have
bidirectional communications with a destination node. In such cases, it is not sufficient
for the originating node to have a route to the destination node; the destination must also
have a route back to the originating node. In order for this to happen as efficiently as
possible, any generation of a RREP by an intermediate node for delivery to the
originating node SHOULD be accompanied by some action that notifies the destination
about a route back to the originating node. The originating node selects this mode of
operation in the intermediate nodes by setting the 'G' flag. .
A node SHOULD NOT originate more than RREQ_RATELIMIT RREQ messages per
second. After broadcasting a RREQ, a node waits for a RREP (or other control message

with current information regarding a route to the appropriate destination). If a route is
not received within NET_TRAVERSAL_TIME milliseconds, the node MAY try again
to discover a route by broadcasting another RREQ, up to a maximum of
RREQ_RETRIES times at the maximum TTL value. Each new attempt MUST
increment and update the RREQ ID. For each attempt, the TTL field of the IP header is
set according to the mechanism, in order to enable control over how far the RREQ is
disseminated for the each retry.
Data packets waiting for a route (i.e., waiting for a RREP after a RREQ has been sent)
SHOULD be buffered. The buffering SHOULD be "first-in, first-out" (FIFO). If a route
discovery has been attempted RREQ_RETRIES times at the maximum TTL without
receiving any RREP, all data packets destined for the corresponding destination
SHOULD be dropped from the buffer and a Destination Unreachable message SHOULD
be delivered to the application.
To reduce congestion in a network, repeated attempts by a source node at route
discovery for a single destination MUST utilize a binary exponential backoff. The first
time a source node broadcasts a RREQ, it waits NET_TRAVERSAL_TIME
milliseconds for the reception of a RREP. If a RREP is not received within that time, the
source node sends a new RREQ. When calculating the time to wait for the RREP after
sending the second RREQ, the source node MUST use a binary exponential backoff.
Hence, the waiting time for the RREP corresponding to the second RREQ is 2 *

NET_TRAVERSAL_TIME milliseconds. If a RREP is not received within this time
period, another RREQ may be sent, up to RREQ_RETRIES additional attempts after the
first RREQ. For each additional attempt, the waiting time for the RREP is multiplied by
2, so that the time conforms to a binary exponential backoff
2.7.3 Processing and Forwarding Route Requests
When a node receives a RREQ, it first creates or updates a route to the previous hop
without a valid sequence number then checks to determine whether it has received a
RREQ with the same Originator IP Address and RREQ ID within at least the last
PATH_DISCOVERY_TIME. If such a RREQ has been received, the node silently
discards the newly received RREQ. The rest of this subsection describes actions taken
for RREQs that are not discarded.
First, it first increments the hop count value in the RREQ by one, to account for the new
hop through the intermediate node. Then the node searches for a reverse route to the
Originator IP Address , using longest-prefix matching. If need be, the route is created, or
updated using the Originator Sequence Number from the RREQ in its routing table. This
reverse route will be needed if the node receives a RREP back to the node that
originated the RREQ (identified by the Originator IP Address). When the reverse route
is created or updated, the following actions on the route are also carried out:
1. the Originator Sequence Number from the RREQ is compared to the
corresponding destination sequence number in the route table entry and
copied if greater than the existing value there

2. the valid sequence number field is set to true;
3. the next hop in the routing table becomes the node from which the RREQ
was received (it is obtained from the source IP address in the IP header
and is often not equal to the Originator IP Address field in the RREQ
message);
4. the hop count is copied from the Hop Count in the RREQ message;
Whenever a RREQ message is received, the Lifetime of the reverse route entry for the
Originator IP address is set to be the maximum of (ExistingLifetime , MinimalLifetime),
where The current node can use the reverse route to forward data packets in the same
way as for any other route in the routing table. If a node does not generate a and if the
incoming IP header has TTL larger than 1, the node updates and broadcasts the RREQ to
address 255.255.255.255 on each of its configured interfaces To update the RREQ, the
TTL or hop limit field in the outgoing IP header is decreased by one, and the Hop Count
field in the RREQ message is incremented by one, to account for the new hop through
the intermediate node. Lastly ,the Destination Sequence number for the requested
destination is set to the maximum of the corresponding value received in the RREQ
message, and the destination sequence value currently maintained by the node for the
requested destination However, the forwarding node MUST NOT modify its maintained
value for the destination sequence number, even if the value received in the incoming
RREQ is larger than the value currently maintained by the forwarding node.
Otherwise, if a node does generate a RREP, then the node discards the RREQ. Notice
that, if intermediate nodes reply to every transmission of RREQs for a particular

destination, it might turn out that the destination does not receive any of the discovery
messages. In this situation, the destination does not learn of a route to the originating
node from the RREQ messages This could cause the destination to initiate a route
discovery (for example, if the originator is attempting to establish a TCP session). In
order that the destination learn of routes to the originating node, the originating node
SHOULD set the "gratuitous RREP" ('G') flag in the RREQ if for any reason the
destination is likely to need a route to the originating node. If, in response to a RREQ
with the 'G' flag set, an intermediate node returns a RREP, it MUST also unicast a
gratuitous RREP to the destination node.
2.7.4 Generating Route Replies
A node generates a RREP if either:
(i) it is itself the destination, or
(ii) it has an active route to the destination, the destination sequence number in the
node's existing route table entry for the destination is valid and greater than or
equal to the Destination Sequence Number of the RREQ (comparison using
signed 32-bit arithmetic), and the "destination only" ('D') flag is NOT set.
When generating a RREP message, a node copies the Destination IP Address and the
Originator Sequence Number from the RREQ message into the corresponding fields in
the RREP message. Processing is slightly different, depending on whether the node is

itself the requested destination , or instead if it is an intermediate node with an fresh
enough route to the destination
Once created, the RREP is unicast to the next hop toward the originator of the RREQ, as
indicated by the route table entry for that originator. As the RREP is forwarded back
towards the node which originated the RREQ message, the Hop Count field
isincremented by one at each hop. Thus, when the RREP reaches the originator, the Hop
Count represents the distance, in hops, of the destination from the originator.
2.7.5 Hello Messages
A node MAY offer connectivity information by broadcasting local Hello messages. A
node SHOULD only use hello messages if it is part of an active route. Every
HELLO_INTERVAL milliseconds, the node checks whether it has sent a broadcast
(e.g., a RREQ or an appropriate layer 2 message) within the last HELLO_INTERVAL.
If it has not, it MAY broadcast a RREP with TTL = 1, called a Hello message, with the
RREP message fields set as follows:
Destination IP Address The node's IP address.
Destination Sequence Number The node's latest sequence number.
Hop Count 0
Lifetime ALLOWED_HELLO_LOSS *
HELLO_INTERVAL

A node MAY determine connectivity by listening for packets from its set of neighbors.
If, within the past DELETE_PERIOD, it has received a Hello message from a neighbor,
and then for that neighbor does not receive any packets (Hello messages or otherwise)
for more than ALLOWED_HELLO_LOSS * HELLO_INTERVAL milliseconds, the
node SHOULD assume that the link to this neighbor is currently lost. Whenever a node
receives a Hello message from a neighbor, the node SHOULD make sure that it has an
active route to the neighbor, and create one if necessary. If a route already exists, then
the Lifetime for the route should be increased, if necessary, to be at least
ALLOWED_HELLO_LOSS * HELLO_INTERVAL. The route to the neighbor, if it
exists, MUST subsequently contain the latest Destination Sequence Number from the
Hello message. The current node can now begin using this route to forward data packets.
Routes that are created by hello messages and not used by any other active routes will
have empty precursor lists and would not trigger a RERR message if the neighbor moves
away and a neighbor timeout occur.
2.7.6 Maintaining Local Connectivity
Each forwarding node SHOULD keep track of its continued connectivity to its active
next hops (i.e., which next hops or precursors have forwarded packets to or from the
forwarding node during the last ACTIVE_ROUTE_TIMEOUT), as well as neighbors
that have transmitted Hello messages during the last (ALLOWED_HELLO_LOSS *
HELLO_INTERVAL). A node can maintain accurate information about its continued

connectivity to these active next hops, using one or more of the available link or network
layer mechanisms, as described below.
 Any suitable link layer notification, such as those provided by IEEE 802.11, can
be used to determine connectivity, each time a packet is transmitted to an active
next hop. For example, absence of a link layer ACK or failure to get a CTS after
sending RTS, even after the maximum number of retransmission attempts,
indicates loss of the link to this active next hop.
 If layer-2 notification is not available, passive acknowledgment SHOULD be
used when the next hop is expected to forward the packet, by listening to the
channel for a transmission attempt made by the next hop. If transmission is not
detected within NEXT_HOP_WAIT milliseconds or the next hop is the
destination (and thus is not supposed to forward the packet) one of the following
methods SHOULD be used to determine connectivity:
* Receiving any packet (including a Hello message) from the next hop.
* A RREQ unicast to the next hop, asking for a route to the next hop.
If a link to the next hop cannot be detected by any of these methods, the forwarding
node SHOULD assume that the link is lost, and take corrective action by following the
methods
2.8 Characteristics of AODV
 Unicast, Broadcast, and Multicast communication.
 On-demand route establishment with small delay.

 Multicast trees connecting group members maintained for lifetime of
multicast group
 Link breakages in active routes efficiently repaired.
 All routes are loop-free through use of sequence numbers.
 Use of Sequence numbers to track accuracy of information.
 Only keeps track of next hop for a route instead of the entire route.
 Use of periodic HELLO messages to track neighbors.
2.9 Advantages and Disadvantages
The main advantage of AODV protocol is that routes are established on demand and
destination sequence numbers are used to find the latest route to the destination. The
connection setup delay is less. The HELLO messages supporting the routes maintenance
are range-limited, so they do not cause unnecessary overhead in the network. One of the
disadvantages of this protocol is that intermediate nodes can lead to inconsistent routes if
the source sequence number is very old and the intermediate nodes have a higher but not
the latest destination sequence number, thereby having stale entries. Also multiple
RouteReply packets in response to a single RouteRequest packet can lead to heavy
control overhead. Another disadvantage of AODV is that the periodic beaconing leads to
unnecessary bandwidth.
3.0 Security Issues of AODV

Because in MANET network medium is dynamic, nomadic and open operational, due to
this malicious node easily attack on physical link, as they can easily manipulated in ad-
hoc network. So Ad-hoc network are vulnerable to security problems than the wired
networks. In this section various security issues are explored.
 No centralized gateway Facility: - No centralized gateway device for
connecting and monitoring node. Node work in the nomadic and open
operational environment, by this intruder can easily attack and disrupt the
network this lead to lack of security, we cannot identify the trusted or
untrusted node [3].
 No predefine range of Network: - In Ad-hoc network there is no predefine
range of network. Node work in dynamic environment. Node can easily join
and leave the wireless medium. Attacks include eaves dropping,
Impersonation, tempering, replay and denial of service attack [1].
 End to End packet Delay: -Ad-hoc wireless network is based on mobile
node..Due to hidden terminals and path break, it increases the error rate and
End to End packet delivery ratio in wireless medium.
 Lack of Energy Resources: - In Ad-hoc network limited energy resource, No
alternate power resource. Node operation is depending on the battery power.
When attacker attack on the target node, Congestion in the network increase
due to requesting fake connection request causing its battery power lost [3].

 Transmission Range: - In wireless networks limited radio band and wired
network can offer high data rate in comparison of wireless medium. Thesis
requires the routing protocol in wireless networks to use the bandwidth always
in an optimal manner by keeping the overhead as long as possible.
 Node acts as Router: - In MANETs node rely on their neighbors to route their
message to the destination, due to limited transmission range. Hence node in
MANETs work as host as well as routers and routing is performed in multiple
hope manners.
3.1 Vulnerability of AODV Protocol
From the perspective of attacker’s routing protocol is more vulnerable. The fig.2.1 shows
the taxonomy for misusing AODV protocol. In this Vulnerability of AODV is basically
divided in packet drop, modify and forward, forge reply, active forge. Active forge is
divided in send fake route request and send fake route reply. In this dissertation misuse of
the RREP message and packet drop. AODV protocol is attacked in the following ways.
The attackers drop the packets and send a fake message for the receiver routing message.

Fig. 2.1 Taxonomy of AODV protocol vulnerability
3.2 Literature Review
3.2.1 PPN: Prime Product Number approach to malicious Node Detection
Prime Product Number approach to solve the malicious node problem [1] by prevention
and removal. It proposed a scheme to mitigate the adverse effects of misbehaving node.
Key contribution of this approach is , it assume that each node in the network has a
specific prime number which belong to node unchanged identity. In this scheme
MANET organized in to number of cluster in such a way that at least one cluster is a
member of every node which is called cluster head. When destination node and
Vulnerability
of AODV
Protocol
Packet
Drop
Modify
And
Forward
Forge
Reply
Active
Forge
Send
Fake
RREQ
Send
Fake
RREP

intermediate node generate route reply message to the source node which is the product
of prime number from destination node to source node and other information. If reply
information is right and prime product number is fully divisible then node is trustworthy
node otherwise call the removal process of the node.The main limitation of this
approach is that first give the prime number to every node in MANET, cannot check the
behavior of malicious node before assigned the prime number. if malicious node is
cluster head how can find out. It is slow process. End to end delay, through put and
packet delivery ratio is not improve.
3.2.2 Counter Algorithm approach for securing and preventing AODV routing
protocol
In this approach [13] source node without altering intermediate nodes and destination
nodes by using a Prior-Receive-Reply method. In this method, checking large difference
between the sequence number of source node and destination node or intermediate node
who has sent back RREP or not, compare the destination sequence number with source
sequence number. If there is more difference between source and destination sequence
number then destination node is malicious node.
This method work only source node and destination node. No involvement of
intermediate node. It is basis on specific attack black hole. Only sequence number
checking technique used.

3.2.3 Effect of malicious node on AODV approach
In this approach [8] it measure the performance of AODV routing protocol in the
presence of malicious nodes evaluation has been considered as packet delivery ratio,
through put, data packet sent/received and control packet droop. In this no prevention
and avoidance technique used for malicious node. It only measures the performance of
AODV. No technique is used for improved the performance in through put, end to end
delay, packet delivery ratio.
3.2.4 A survey of routing attacks in MANET approach
In this article [11], investigate the security issues in MANET. Author examine attacks
such as spoofing and colluding miserly attacks as well as counter measures against such
attacks in existing MANET protocol. In this approach gives solution for only specific
attack not all. No technique used for handling delivery ratio, end to end delay and
throughput.
3.2.5 Flooding attacks prevention in MANET approach
In this approach [14] algorithm is discussed for prevention of flooding attack. Node
categorized as strangers and friends based on their relationships with their neighboring
nodes. For evaluation of its neighbor node trust level a trust estimator is used. End-to-
end delay packet delivery ratio is like a various parameter for trust level functioning

3.2.6 CORE approach
In this CORE mechanism approach [9] it is heighten watchdog for isolating and
monitoring. Malicious node based on functional reputation, subjective and indirect
various types of information on each entity’s rate of collaboration is used for calculation
of reputation. Since there is no inducement for spreading negative information
maliciously about other nodes, the collaboration technique itself is prevented denial of
service attack.
2.4.6 Comparison Table
Table 2.1 Comparison of previous scheme and Existing Scheme
Method Change
in
routing
protocol
Quality
of Service
Attack Type Issues
PPN YES Time consuming,
Network throughput
increases at the cost
of a Higher over
head
Malicious Node
attack
 Malicious node is not easily
identified with any delay.
 More memory overhead
occur

Counter
Algorithm
No Throughput not
measure, malicious
node vary
Black hole attack  Not implements many
attacks.
 Not Measure the
performance of Throughput
in this environment
Bounpadith
et all
No No simulation
results
Survey paper  Performance during the data
transmission
 Prevention from other
attacks
 Detect and remove the
malicious node
Neetu Singh Yes End to End delay
not measure, time
consuming
Flood attack  Optimize value of threshold
 Improve their performance
Dos and
Black Hole
attack
scheme
No Throughput increase
and End to End
delay decrease
DOS and Black
Hole attack

Appendix II- AODV
II.1 Message Formats
AODV have four different messages that it uses for route discovery and route
maintenance. All message are sent using UDP
II.1.1 Route Request (RREQ)
Fig. II.1 Route Request
Type: Type of message.
Reserved: Reserved for future use. Currently sent 0 and ignored on reception
Hop Count: Number of hops from the source IP address to the node handling the
request.
Type [8] Reserved [16 Hop Count [8]
Broadcast ID [32]
Destination IP address [32]
Source IP address [32]
Destination Sequence Number [32]
Source Sequence Number [32]

Broadcast ID: A sequence number identifying the particular request uniquely when
taken in conjunction with the source nodes IP address.

CHAPTER 3
ATTACKS IN MANET AND PROBLEM STATEMENT
3.1 Introduction
Mobile Ad-hoc network is dynamic, nomadic and wireless medium, which makes cause
of vulnerability to several types of attack in ad-hoc routing network. In mobile ad-hoc
network classification of attack is on the basis of behaviour of node, effects on
performance of network, effects of exposures in the network and in last origin.
3.2 Denial of Service attack
Denial of service attack is one of the most dangerous attacks. In this attack the malicious
node continuous broadcast or send the false control or data packet in the network due to
this kind of sending data or false packet network bandwidth is wasted largely and the
original packets are not able to reach their destinations. The target of dos attack is
captures the availability of network resources as like network energy, computational
power, network memory and bandwidth. When attack is successfully capturing the
network, the service will not be accessible. Sequence tiredness method and radio signal
jamming is normally used by attacker [8]. Avoidance of valid use or degradation of
network resources is the main aim of DOS attack. Malicious packet dropping is the class
of DOS attack. Dynamic topology change, open environment is the cause of
vulnerability of MANET to dos attack.

This attack is implemented on the reactive protocols by broadcasting the false data
packet and RREQ message[8].Today main network security concern is that how to stop
DOS attack for network resources accessibility with availability of ad-hoc network for
future use[9].
In below figure 3.1 when source node want to send data to destination node, first select
suitable path. In network any malicious node if present or enter its show their malicious
property and start flooding the large amount of data packet to source by this cause
congestion is increase over network and source node not able to send data to original
destination. In last malicious node consume battery energy, consume the resources and
drop the packet.
Fig 3.1 Basic DoS Scenario
Source
Destination

3.3 Black Hole Attack
A black hole attack is another attack possible in MANET. It is defined for on-demand
routing protocol. The aim of this attack is to absorb the routing packet or data packet
during performing the operation. It is claiming that it has shortest and fresh path with
smaller number of hope count and large sequence number to destination even though it
does not have a valid route to the destination node. Due to this claiming it attract all the
packets and absorbed them without forwarding to destination node.Once it entered in the
network, it drops forwarding data packet by making a black hole there. This node is
called blackhole node or black node. In Blackhole attack it first respond to route request
discovery instead first checking its routing table. It increase the congestion and traffic in
the network, and therefore attacker can misuse the traffic.
Fig.3.2 Black Hole attack on AODV
S
H I
J
D
K
A N
L M
RREQ
Fake RREP
Wireless Link

Above Figure 3.2 show examples of Blackhole attack, when source node(s) want to
establish route for data sending between source to destination(D), source node broadcast
the route request (RREQ). When black node or blackhole node receive RREQ. It
claiming with RREP and it has shortest path with minimum hop count and large
sequence number. In last then source send the data to Blackhole node and finally it
observed the routing packet or drop the forwarding packet to actual destination.
3.4 Malicious Node
Malicious node abuses the relationship between nodes causing disruption in the
operation of the network. Malicious (selfish) node intends to disrupt the ongoing proper
operation of the routing protocols. Network battery power is limited. When node use the
network battery power for its own purpose and node participate in network routing, this
type of node is called malicious node.
Malicious nodes can also agree to forward packets but silently drop the packets. They
are pretending to preserve energy and bandwidth. This causes defragmented networks,
isolated nodes, and significantly reduced network performance. Launch all kinds of
attacks by replaying, reordering or dropping packets from time to time, and even by
sending fake routing messages [2]. Capture the network battery power, network
resources, and increase the congestion in the network. In MANET network when
multiple nodes behaves as selfish, then it belong to the resulting scheme in the form of
degrading the routing information of other node and performance of other nodes and
blocking the functioning of nodes in the network. Multiple nodes act maliciously,

simultaneously, or alternately, resulting the schemes to be deal with them will become
very slow at most nodes. If multiple nodes are malicious in same networks, then there
will be the possibility of two more attacks. Network performance is depend on the
network functioning and parameter like network load, throughput, performance of
routing, end to end delay and packet delivery ratio but on the other hand malicious
environment degrade the network performance.
3.5 Problem Statement
Denial of service attack is a type of active attack. In this, attacker aim to attack the
accessibility of a node. When attack is successful the service will not be available. This
type of node is called malicious node or denial of service node. Denial of service means
degradation or avoidance of valid use of network resources. Malicious node drops the
packet and consumes the resources battery energy.
Blackhole attack is also a type of active attack .In which it claim to a shortest route
even though it does don’t have a valid route to the destination node. This type of node
called black hole node or black node. In the blackhole attack there are two type of node
type 1, in this black hole node first respond to route discovery request rather than check
its routing table. Black node drops the packets rather than forward to the destination.
Blackhole attack as false destination sequence attack also. In this, black hole node clam
to a request for a shortest path with a high sequence number of destination. Source
assumes this path is fresh path. again blackhole node drops the packets rather than

forwarding them to the destination. This type of node is called a black hole node of type
2. Attacks reducing the amount of routing information, discarding routing packet due to
selfish behavior of a node. A selfish node is a type of node which supply power is
limited, node use its power supply for its own purposes and does not participate in
routing operations.
B4 B5 B6
B3
B2
B1 C4 C5 t
C3
C2
C1
A D4
S BH
D1 D2 D3
Goode Node Malicious Node
Fig.3.3 Blackhole Node of Type 1
3.6 Impact of Denial of Service attack on Mobile Ad-hoc Networks
 Denial of Service (DoS) attacks not only consumes the scarce system
resources, such as bandwidth, battery energy, or CPU cycles, but also isolates
valid users from a network.

 DoS attacks may affect the network connectivity seriously and may further
be undermine the networking functions, such as control and data message
delivery.
 The new DOS attack, namely Ad Hoc Flooding Attack (AHFA), can result in
denial of service when it is used against on-demand routing protocols for
mobile ad hoc networks, such as AODV, DSR [9].
3.7 Imapact of Blackhole attack on Mobile Ad-hoc Networks
Today, very use of the wireless networks, which can be easily access. People can access
some application using the internet means create some Ad-hoc Networks. In this
scenario have some problem like attacker is attack and get some important information
like password, secrete key, important Data. In this environment malicious node are
responsible for all types’ attacks. Malicious node are reduced the Networks Load,
Performance, delay, Throughput of routing protocols.
It drops the data packet which degrades network throughput continuously, packet loss
ratio increase when number of attacker increase routing overhead increase and packet
delivery ratio decrease. Due to malicious activity of node it increase end to end delay in
the network.

3.8 Impact of Malicious Node on Mobile Ad-hoc Networks
In MANET, unhelpful node is malicious node. The nodes belonging to the first category
are either defective and therefore cannot follow a protocol or rule are with intent
malicious and try to attack on the system or networks. Malicious node causes packet
dropping, false routing and etc. Effects of malicious nodes are given below
 The result is defragmented network, isolated nodes, and drastically reduces
the network performance.
 Malicious node decreases the network connectivity in MANETs.
 No aim for the energy-saving.
 Launch all kind of denial-of-service (DoS) and Black Hole attacks by
replaying, reordering or dropping the packets from time to time, and even by
sending fake routing messages over network [11].

CHAPTER 4
PROPOSED SYSTEM
4.1 Introduction
Mobile ad- hoc network is wireless and dynamic and position of mobile node change
continuously. These causes increase the presence of attacks in the ad- hoc network. The
main focus on the work to prevention of Denial of Service (DoS) and Black Hole attacks
in Mobile Ad-hoc Network. In this research scheme detection of malicious node and
change functioning of malicious node without involvement of middle node and
destination node.
When any node get send route request if it is continuous route request then check the
behavior of the node that it should not be intrusion node. For finding this malicious
behavior we use the time limit and node counter which work as check the never receive
how many route request in a given time limit, here time limit is set at 0.6 and 8 neighbor
route request receive then node adding list of malicious behavior and declare malicious
behavior node in last malicious behavior node.
4.2 System Model
The general architecture of MANET is shown in Figure 4.1, in this architecture source
node is (node 1) and destination node (node 25). In figure we show the scenario of
dynamic networks and show some movable node in whole networks .The path of
sending data from source node to destination node is denoted by lines. Malicious node

was denoted in red color and will misbehaving in network. Movable node denoted in
yellow, color source node in green color, destination node in blue color, and normal
node in white color.
Fig. 4.1 General architecture of MANET
9
5
10
16
22
15
24
14
12
8
18
20
1
2
4
3
7
11
6
21
23
25
17
19
13
Source Node
Destination Node
Movable Node
Normal Node
Selfish Node

4.3 Node Property:
When networks operation is started then nodes property is like:
 The source node using optimum path for sending data from source to the
destination.
 Mobility is add in some node, to move in whole networks.
 The destination node receives the data which sends from source nod.
 Same networks task are performed by some nodes.
 Continuous packet sends in the network property and in malicious node due
to this, it will disturb the valid operations.

Blackhole attack in Manet

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Blackhole attack in Manet

Similar to Blackhole attack in Manet (20)

More from Prof Ansari

More from Prof Ansari (20)

Recently uploaded

Recently uploaded (20)

Blackhole attack in Manet