IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 496-502

International Journal of Research in Information Technology (IJRIT)

www.ijrit.com

ISSN 2001-5569

A Review of BlackHole Attacks on DSR Protocol in MANET S.V. Vasantha1, Dr. A. Damodaram2 1

Associate Professor, CSE, Nishitha College of Engineering and Technology Ranga Reddy District, Telangana, India [email protected] 2

Professor of CSE & Director AAC, JNTUH Hyderabad, Telangana, India [email protected]

Abstract Wireless / mobile communications network technologies have been dramatically advanced in recent years. Mobile ad-hoc network (MANET) is one of the most promising fields for research and developments of wireless network due to its rapid deploy and self-organize capabilities. However, security is still a major impediment to further deployments of the wireless ad hoc networks. Main objective of writing this paper is to address black hole attacks in DSR protocol in adhoc wireless networks.

KeyWords: Mobile Ad Hoc, DSR, security, BlackHole Attacks

1. Introduction The Mobile Ad hoc Network (MANET) is an infrastructure less network, mobile nodes forming the network perform all functionality of the network, with each mobile node acting as a host when requesting/providing information from/to other nodes in the network, and acting as a router when discovering and maintaining routes for other nodes in the network or forwarding packets to the next hop in the network. Ad hoc networking allows the devices to maintain connections to the network as well as easily adding and removing devices to and from the network. The principle behind mobile ad hoc networking is multi-hop relaying, which means messages sent by source to destination are forwarded by the other nodes if destination node is not directly reachable. MANETs have some special characteristic features such as unreliable wireless media (links) used for communication between hosts, open medium, dynamic network topologies and memberships, absence of infrastructure, resource constraint (memory, bandwidth, battery, lifetime, computation power etc.) and trust among node. While these characteristics are essential for the flexibility of MANETs, they introduce specific security concerns that are absent or less severe in wired networks. The wireless channel is accessible to both legitimate network users and malicious attackers. There is no well-defined place where traffic monitoring or access control mechanisms can be deployed. As a result, the boundary that separates the inside network form the outside world becomes blurred. On the other hand, the existing ad-hoc routing protocols such as AODV and DSR typically assume a trusted and cooperative environment. As a result, a malicious attacker can readily become a router and disrupt network operations by intentionally disobeying the protocol specifications.

S.V. Vasantha, IJRIT

496

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 496-502

2. MANET Vulnerabilities [1] Vulnerability is a weakness in security system. Vulnerabilities cause difficulty in providing security in ad hoc wireless network. Some of the vulnerabilities are given below. Lack of centralized management: In wired networks and infrastructure-based wireless networks, security mechanisms are implemented at certain central points such as routers, base stations and access points to monitor network traffic. Absence of centralized management in MANET will impede trust management for nodes. Resource availability: Resources in ad hoc wireless network such as battery power, bandwidth, memory and computational power are limited. Hence, it is problematic to implement complex cryptographic-based security mechanisms in MANET. Scalability: Due to mobility of nodes, scale of ad hoc network may vary during the course of time. Security mechanisms should be able to handle large network to small networks. Cooperativeness: Routing protocols in MANET assume a trusted and cooperative environment. As a result, a malicious attacker can readily become a router and disrupt network operations by intentionally disobeying the protocol specifications. Dynamic topology: Since these networks are dynamic in nature, a node can join or leave network at any point of time. If no proper authentication mechanism is used, an intruder easily enters into the network and carry out his/her attacks. Limited power supply: Since battery power of the mobile nodes in the MANET is limited, a node may be selfish. A selfish node may refuse to forward data packets for other nodes in order to conserve its own energy. Bandwidth Constraint: variable low capacity links exists as compared to other wireless networks, which are more susceptible to external noise, interference and signal attenuation effects. Adversary inside the network: Mobile nodes within MANET may cause an attack; such type of attack is known as internal attack, which is more dangerous than external attacks. These nodes are called compromised nodes. No predefined Boundary: The wireless channel is accessible to both legitimate network users and malicious attackers. There is no well-defined place where traffic monitoring or access control mechanisms can be deployed. As a result, the boundary that separates the inside network form the outside world becomes blurred. As a result, a malicious attacker can readily become a router and disrupt network operations by intentionally disobeying the protocol specifications. Because of these vulnerabilities, MANET is more prone to malicious attacks.

3. MANET Attacks [2] Attacks on ad hoc wireless networks can be classified into two major categories, namely passive attacks and active attacks. Passive attacks: A passive attack obtains data exchanged in the network without disrupting the operation of the communications. Examples of these attacks are eavesdropping and traffic analysis. They are hard to detect because normal operation of the network is not affected so, it is better to go prevention by using a powerful encryption algorithm so that the adversary cannot interpret the data gathered by snooping. Active attacks: An active attack involves information interruption, modification, or fabrication, thereby disrupting the normal functionality of a MANET. Further active attacks are classified as External attacks and Internal attacks. a) External Attacks : These attacks are caused by the nodes that are present outside the network. These attacks can be prevented by strong encryption algorithms and firewalls. b) Internal Attacks : These attacks are caused by the nodes that are included to form the network. Here the adversary is an authorized node of the network so it is difficult to detect the internal attacks. S.V. Vasantha, IJRIT

497

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 496-502

3.1. Network Layer Attacks [2], [3] BlackHole Attack A BlackHole attack is a kind of denial of service attack where a malicious node uses the protocol and advertises itself as having the shortest path or most stable path to the destination node and absorb data packet without forwarding them to the destination. Cooperative Black Hole Attack In a cooperative black hole attack two or more nodes cooperate amongst themselves and when a packet is forwarded to any of these nodes they collude with each other and drop it. Gray Hole Attack In a Gray hole attack, a node that may forward all packets to certain nodes but may drop packets coming from or destined to specific nodes or a node that may behave maliciously for some time but later on it behaves absolutely normally. Due to this uncertainty in behavior of gray hole, these types of attacks are more difficult when compared to black hole attacks. Like black holes, cooperative gray hole attacks may be possible. WormHole Attack In WormHole Attack two malicious nodes at different locations in the network collude to compromise the security of the network. A malicious node at one location forwards packets through a tunnel to another location where these packets are resent into the network. The tunnel between these two colluding malicious nodes is referred to as a WormHole. Byzantine Attack In Byzantine Attack a set of compromised intermediate nodes in collusion or a malicious intermediate node alone carry out attacks such as forwarding packets on non-optimal path creating routing loops and selectively dropping packets which results in disruption in routing services and degradation of network performance. Information Disclosure A malicious authorized node may reveal important information such as structure of the network, location of the nodes, or optimal paths to the authorized nodes to unauthorized nodes in the network. Sleep Deprivation Attack This attack is a kind of Resource consumption attack, where a malicious node consumes limited resources like battery power of other nodes in the network by forwarding unnecessary packets frequently to them. Sybil Attack In this attack for a malicious node, several different fake identities will be created i.e. an attacker can appear to be in multiple locations at the same time. Rushing Attack In this attack a malicious node which receives RouteRequest packet from the source node respond immediately by flooding RouteRequest packet throughout the network before the original RouteRequest packet sent by the source node reaches to other nodes. A node that receive original RouteRequest packet assumes it to be duplicate of the packet already received from the malicious node and discard this packet. The path discovered by the source contains malicious node as an intermediate node. Hence path discovered by the source node is not a secure path.

4. Dynamic Source Routing (DSR) Protocol [4], [5], [6]

S.V. Vasantha, IJRIT

498

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 496-502

DSR is a reactive on-demand routing protocol, where periodic routing advertisement messages are not used. Hence it conserves battery power of the mobile nodes and reduces the network bandwidth overhead. DSR routing process involves two mechanisms: a) Route Discovery b) Route maintenance a) Route Discovery: This mechanism is initiated by the source node if it wants to send data packets to another mobile node which is not available in the route cache. Hence this protocol is known as source driven routing protocol. It initiates route discovery process by broadcasting Route Request (RREQ) Packet. RREQ packet consists of four fields: source address, destination address, request id and route record list. When the node receives RREQ packet from adjacent node it appends its address to the route record list if either RREQ i.e. source and request id are not found earlier or node’s address is not there in the route record list otherwise it is discarded to avoid loop formations. The amended packet is then broadcast on to the neighboring nodes. If the intermediate node’s route cache contains the path to the destination node then it first appends this path to the route record list of RREQ then copies this list to the Route Reply (RREP) packet in reverse order and sends it to the source node on the reverse path. If the node is the destination then the route record list is copied to the RREP packet in reverse order and sends it to the source node on the reverse path in case of bidirectional links otherwise route discovery process is initiated by the destination node to find the path from destination node to source node. Finally when source receives the path to the destination it stores this path in the route cache for further use. b) Route Maintenance: If mobile node does not receive any response from next hop it means that the link is broken or next hop is not in the range of mobile node then Route Error (RERR) packet is sent to the source. Source node checks its route cache for an alternate path to the destination, if it is not available then it again initiates Route Discovery process to find a new path.

5. BlackHole Attack in DSR Protocol [2], [5], [6] In BlackHole attack a malicious node (i.e. BlackHole) first exploits the Route Discovery process of adhoc ondemand routing protocol like DSR to advertises itself as having the valid shortest path to the destination then it drops the packets sent to it without forwarding to the next hop. BlackHole node claims the freshness of the route reply with the highest sequence number and shortest path using minimum hop count.

S

B

A

D : RREQ : RREP : RREP by BlackHole Node

C

S: Source Node B: BlackHole Node D: Destination Node A, B and C: Intermediate Nodes

Fig. 1: BlackHole Attack in DSR protocol Fig. 1 shows BlackHole attack in DSR protocol, here Source node S wants to send data to the Destination node D initiates route discovery process by broadcasting RREQ packets. Intermediate node A and BlackHole node B receives RREQ packet from source node S. Node B immediately responds with a valid shortest path without checking its route cache before any other node responds. Node A checks its route cache if it has a valid route it responds otherwise broadcast RREQ packets to node C and node D similarly node C. Node D responds with the S.V. Vasantha, IJRIT

499

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 496-502

optimal path to the node S. Node S considers node B’s reply as valid shortest path and ignores all other replies. Node S forwards data packets to node B but node B drops all data packets without forwarding to the next hop which creates a BlackHole in the network. So there is a need for the methods to detect and prevent BlackHole attacks.

6. BlackHole Detection/Prevention Techniques in DSR protocol There are various methods for detecting or preventing BlackHole attack in DSR protocol, here are few recent techniques discussed below. In paper [5] authors proposed modified DSR for mitigating BlackHole Impact in MANET. The performance of DSR Protocol in presence of BlackHole attack is improved by modifying the Route Request (RREQ) packet with fictive target address shown in fig. 2. Type

Reserved Unique Request ID Fictive Target Address Source Address Path

Hop Count

Fig. 2: Modified Route Request (RREQ) packet When Source node wants to send data packets to destination node, it requires route from source node to destination node ,if the route is available in its route cache or route reply is sent by an intermediate node, then first data packet should be sent to the destination node on this route and wait for the acknowledgement (ack) of the first data packet. If ack comes within certain time, then this route is safe and succeeding packets are sent on the same route otherwise malicious node identification process will be started. To identify the presence of malicious node a fictive request packet is sent along the suspected route with the destination address as fictive address which is not there in the network. The node which reply to this request is listed as blackhole and it is not included in the routing process. If the route reply is from destination node then the route is considered as safe route. Analysis Packet delivery ratio and throughput can be achieved near to DSR network than blackhole based network. However, End-to-End delay needs to be reduced.

In paper [8] authors proposed a modified DSR algorithm which is based on Prior- Recieve-Reply for protecting the DSR protocol against BlackHole attacks. This technique uses counting method to identify the malicious nodes and eliminate them from routing process. Usually the malicious node reply is the first route reply in RR table with high destination sequence number. So, when the first destination hop count is compared with the source hop count a big difference between them implies that the destination node is a malicious node, then that entry is immediately removed from the RR-Table. The method has three cases: case 1: If source node is a BlackHole node then each intermediate node which receives route request packet from the source node to find the destination will drop the control message and avoid further communication with malicious source node. Case 2: If destination node is a BlackHole node then each intermediate node which receives a control message from malicious destination node towards source node will drop the control message and avoid further communication with malicious node. Case 3: If intermediate node is a BlackHole node and if neighbor of malicious node receives a control message from malicious node then it will drop that control message instead of forwarding it to next hop. This algorithm removes routing table containing malicious node entries so that they are excluded from further routing process. Analysis S.V. Vasantha, IJRIT

500

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 496-502

This algorithm has attained worthy improvement in PDR with permissible end-to-end delay. Moreover it does not require any overhead on either the destination node or any intermediate node on DSR Protocol. In paper [9] authors has proposed a Trust based model to mitigate BlackHole attacks in DSR protocol, which is an improvement of the Association based Route selection. This method involves selection of the most reliable and secure route to the destination based on the trust values of the nodes. For every node in the network, a trust value will be calculated and stored that represent the value of the trustiness to each of its neighbor nodes. This trust value will be calculated based on the experiences that the node has with its neighbor nodes. When a node wants to send data packets to the destination node then it broadcasts Route Request packet to all the neighboring nodes. Unlike conventional DSR source node waits till it receives Route Reply packets from all the neighboring nodes then sorts them based on the trust ratings. The source node selects the most trusted and reliable path from replies. Thus the black hole nodes will be identified as unknown and can be avoided in routing process. Analysis This algorithm shows that the throughput and percentage of packet delivery ratio under the threat of increasing malicious nodes performs better than the conventional DSR. It also shows that the average latency which is slightly higher than the conventional DSR due to the trust based routing. In paper [10] authors has proposed a method which will combat against BlackHole in DSR Protocol. In this method each node uses number rules to inference about honesty of reply’s sender. The main objective of this protocol is to check out the set of malicious nodes locally at each node whenever they try to act as a source node. The source node will wait and collects the replies from all neighboring nodes then check the list of replies to find a safe route to the destination node. Analysis The Simulation’s results show that the proposed method provides better security and also better performance in terms of packet delivery than the conventional DSR Protocol in the existence of BlackHoles with minimal additional delay and Overhead.

7. Conclusion MANET’s conventional DSR Protocol requires to be enhanced so that it address problem of BlackHole attack in the network. This paper reviews some of the most recent solutions to the BlackHole attacks on DSR Protocol in mobile adhoc networks. Solutions discussed for detection/prevention of BlackHole Attacks assumes MANET with always having bidirectional links whereas mobile nodes which forms the network is subject to dynamic topology. The broken link in the network may be due to malicious node or node mobility hence node cannot be black listed. Therefore protocol to be designed must consider dynamic topology of the MANET.

References [1] Priyanka Goyal, Vinti Parmar, Rahul Rishi, “ MANET: Vulnerabilities, Challenges, Attacks, Application” , IJCEM International Journal of Computational Engineering & Management, Vol. 11, January 2011 ISSN (Online): 2230-7893 www.IJCEM.org [2] K.P.Manikandan, Dr.R.Satyaprasad, Dr.K.Rajasekhararao, “A Survey on Attacks and Defense Metrics of Routing Mechanism in Mobile Ad hoc Networks”, (IJACSA) International Journal of Advanced Computer Science and Applications,Vol. 2, No.3, March 2011 http://ijacsa.thesai.org/ [3] Saloni Sharma , Anuj K Gupta, “ Survey of Secure mobile adhoc routing protocols”, International Journal of Research in Computer Engineering and Electronics. 1 VOl : 3 ISSUE :2 ISSN 2319-376X ICV 4.08 IJRCEE@2014 http://www.ijrcee.org [4] Swapna Taksande, Prof. Rajani Bhoomarker, Prof. Sameena Jafar, “REVIEW PAPER ON RESPONSE BASED APPROACHES FOR DETECTION OF MISBEHAVING NODES IN MANETS”, Swapna Taksande et al, International Journal of Computer Science and Mobile Computing, Vol.3 Issue.1, January- 2014, pg. 385-392 S.V. Vasantha, IJRIT

501

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 496-502

www.ijcsmc.com [5] Vaishali B. Mewada, Viral Borisagar, “ MODIFIED DSR FOR MITIGATING BLACKHOLE IMPACT IN MANET”, International Journal For Technological Research In Engineering Volume 1, Issue 9, May-2014 ISSN (Online): 2347 - 4718 www.ijtre.com [6] Rekha Kaushik, Dr. Jyoti Singhai, “Simulation Analysis of Node Misbehavior in an Ad-hoc Network using NS2”, (IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 4, 2010 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 [7] Nidhi Gupta, Sanjoy Das, Khushal Singh, “A Comprehensive Survey and Comparative Analysis of Black Hole Attack in Mobile Ad Hoc Network”, International Journal of Computer, Information, Mechatronics, Systems science and Engineering Vol:8 No:1, 2014 [8] Pooja Bavarva, Pratik Modi, “ Preventing DSR routing protocol against Black Hole using Counting Method”, International Journal of Advance Engineer ing and Research Development (IJAERD) Volume 1,Issue 5,May 2014, e-ISSN: 2348 - 4470 , print-ISSN:2348-6406 [9] N. Bhalaji, A. Shanmugam, “A Trust Based Model to Mitigate Black Hole Attacks in DSR Based Manet”, European Journal of Scientific Research ISSN 1450-216X Vol.50 No.1 (2011), pp.6-15 © EuroJournals Publishing, Inc. 2011http://www.eurojournals.com/ejsr.htm [10] Sona Malhotra, Kurukshetra, Sandeep Kumar, Kurukshetra, “Detection of Black Hole in AD- HOC Networks”, International Journal of Computer Applications Technology and Research Volume 3– Issue 6, 374 - 376, 2014.

S.V. Vasantha, IJRIT

502

A Review of BlackHole Attacks on DSR Protocol ... - IJRIT

network (MANET) is one of the most promising fields for research and ... place where traffic monitoring or access control mechanisms can be deployed.

108KB Sizes 2 Downloads 182 Views

Recommend Documents

A Review of BlackHole Attacks on DSR Protocol ... - IJRIT
infrastructure, resource constraint (memory, bandwidth, battery, lifetime, computation ... central points such as routers, base stations and access points to monitor.

Prevention of Blackhole Attacks on Aodv Routing Protocol In ... - IJRIT
1Assistant Professor, Dept. of Computer Applications, Pachaiyappa's College, ... protocol(DSDV), Wireless Routing Protocol (WRP), Cluster-Head Gateway.

Prevention of Blackhole Attacks on Aodv Routing Protocol In ... - IJRIT
and destination with minimum overhead and minimum bandwidth consumption so that packets are delivered in a timely manner. .... We deploy a credit mechanism to check the next hop whether it can be trusted or not. .... other wireless networks, and the

A Survey on Routing Protocol Routing Protocol Routing ... - IJRIT
The infrastructure less and the dynamic nature .... faster convergence, it employs a unique method of maintaining information regarding the shortest distance to.

A Survey on Routing Protocol Routing Protocol Routing ... - IJRIT
CGSR Cluster head Gateway Switch Routing protocol [9] is a multichannel operation ..... protocols of mobile ad-hoc networks”, International Journal of Computer ...

A Review on Wireless Inductive Power for A Review on ... - IJRIT
Wireless power provides convenience of charging mobile phones and devices. ... Since data communication has become wireless, users expect similar use ...

A Review on Wireless Inductive Power for A Review on ... - IJRIT
To discuss the wireless inductive power system, a closer look at the system is .... winding width w the inductance for a ring coil inductor may vary slightly.

Detection Elimination and Overcoming of Vampire Attacks in ... - IJRIT
Ad hoc wireless sensor networks (WSNs) promise exciting new applications in the near future, such as ubiquitous on-demand computing ... In the one cause of energy loss in wireless sensor network node in the idle consumption, when the nodes are not pa

A Review on Digital Multiband Orthogonal Digital Multiband ... - IJRIT
IJRIT International Journal of Research in Information Technology, Volume 2, Issue 1, ... In Wireless communication systems, the high data transmission rate is ...

A Review on Neural Network for Offline Signature Recognition ... - IJRIT
Based on Fusion of Grid and Global Features Using Neural Networks. ... original signatures using the identity and four Gabor transforms, the second step is to ...

A Review on Search Based Software Engineering - IJRIT
Search-based Software Engineering (SBSE) has emerged as a promising research field. This recent discipline involves the modeling and resolution of complex software engineering problems as optimization problems, especially with the use of. Metaheurist

A Review on Digital Multiband Orthogonal Digital Multiband ... - IJRIT
IJRIT International Journal of Research in Information Technology, Volume 2, Issue .... the applications like pipelined ofdm, pulsed ofdm, wired or wireless use of ...

Detection Elimination and Overcoming of Vampire Attacks in ... - IJRIT
... Computer Science And Engineering, Lakkireddy Balireddy College Of Engineering ... Vampire attacks are not protocol-specific, in that they do not rely on design ... are link-state, distance vector, source routing, geo graphic and beacon.

Review on Various Application of Cloud computing in ... - IJRIT
IJRIT International Journal of Research in Information Technology, Volume 2, ... Keywords: Cloud Computing, ICT, Wireless Sensor Actor Network, Agri – Cloud, Mobile Cloud. .... supports the 2.5G, 3G or 4 G technologies, distributed all over.

A Simple Distributed Identification Protocol for Triplestores - IJRIT
social network graph victimisation existing techniques. .... III. Distributed Identification Mechanism for Triplestores. This part we discuss the idea of using the ...

A Simple Distributed Identification Protocol for Triplestores - IJRIT
applications access to user online private data to their server resources without sharing their credentials, using user-agent redirections. In this paper defines a simple ... the employment and unleash of specific information, like money or medical d

A Simple Distributed Identification Protocol for Triplestores - IJRIT
IJRIT International Journal of Research in Information Technology, Volume 1, Issue 11, ... OAuth is associate degree open customary for authorization.

Review on Different Cluster Head Formation Algorithm of ... - IJRIT
IJRIT International Journal of Research in Information Technology, Volume 3, .... On the other hand, intra cluster communication cost reflects the node degree or ...

Review on Different Cluster Head Formation Algorithm of ... - IJRIT
as locations under heavy traffic load [1]. Nodes in such areas quickly exhaust energy resources, leading to disconnection in network services. Cluster based ...

Review on Various Application of Cloud computing in ... - IJRIT
phones, laptops, software, scientific instruments. Mobile ... components used in availing ICT services, such as virtual computers, traffic monitoring and redirecting, .... [10] Cloud computing and emerging IT platforms: Vision, hype, and reality for 

A Simple Distributed Identification Protocol for ... - IJRIT
Email-id: [email protected]. Abstract. OAuth is an open standard for authorization. OAuth provides a method for clients to access server resources on ...

Identification of Enablers of Poka-Yoke: A Review - IJRIT
Keywords: Indian Manufacturing Industries, Poka-Yoke, Quality, ... method is to eliminate human errors in manufacturing process and management as a result of ...

Identification of Enablers of Poka-Yoke: A Review - IJRIT
IJRIT International Journal of Research in Information Technology, Volume 1, Issue 8, ... application of this tool, errors are removed in production system before they produce ... Chase and Stewart state that Poka-Yoke involves a three steps process