IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 90-97

International Journal of Research in Information Technology (IJRIT) www.ijrit.com

ISSN 2001-5569

Effect of Black Hole Attack on AD HOC ON Demand Distance Vector Routing Protocol in Wireless Ad hoc Networks Sarita Chaudhary, Pooja Arora Doon Valley Institute of Engineering & Technology, Karnal Affiliated to Kurukshetra University, Kurukshetra ABSTRACT The growing popularity of wireless networks, and the peak in the present era, so as to attract the wireless user, regardless of their geographical location. They plays significant role in real life applications such as military applications, home applications etc. these networks are threatened by a lot of security attacks such as Modification, Denial of service attack, Fabrication attack etc. One of these security threat is Black-hole. In this type of attack a malicious node falsely advertised itself have a short and a fresh route to a destination and absorbs the all packets itself. In this paper, we simulate the Ad hoc on Demand Vector Routing Protocol (AODV) under black hole attack by considering different performance metric. The simulation results show the effectiveness of black hole attack on AODV protocol using NS-2 simulator.

Keywords: AODV, Black hole Attack, Destination Sequence Number, Idle node, Proactive, Reactive, Selfish Node. 1. INTRODUCTION In areas in which there is little or no communication infrastructure or the existing infrastructure is expensive or inconvenient to use, wireless mobile users may still be able to communicate through the formation of an ad hoc network. In such a network, each mobile node operates not only as a host but also as a router, forwarding packets for other mobile nodes in the network that may not be within direct wireless transmission range of each other. Each node participates in an ad hoc routing protocol that allows it to discover “multi-hop” paths through the network any other node. The idea of ad hoc networking is sometimes also called infrastructure less networking. Since the mobile nodes in the network dynamically establish routing among themselves to form their own network. Hence a routing protocol for ad hoc networks is a protocol that will be executed on every host and is therefore subject to the limit of the resources at each mobile host. A number of routing protocols have been proposed for ad hoc wireless networks derived from distance-vector or link-state routing algorithms. Such protocols are classified as proactive or reactive, depending on whether they keep routes continuously updated, or whether they react on demand. In Section 2 we study the routing protocols for wireless ad hoc networks. Section 3 shows description of AODV routing protocol. Section 4 describes the black hole attack. In Section 5 Simulation of AODV under black hole attack is implemented. In Section 6 we draw our conclusion.

2. ROUTING PROTOCOLS FOR WIRELESS AD HOC NETWORKS The routing in the Ad hoc networks is a very critical task because of the absence of any central coordinator or base station and the dynamic topology [1]. In order to facilitate communication in these networks a routing protocol is Sarita Chaudhary,IJRIT

90

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 90-97

used to discover the routes between nodes. The greatest challenge for the Wireless Ad Hoc Networks is to come with a robust security solution even in the presence of malicious nodes, so that they can be protected from various routing attacks. A routing protocol is needed whenever a packet needs to be transmitted to a destination via number of nodes. Many protocols have been suggested keeping applications and type of network in view. 2.1 Classification of Routing Protocols There are several kinds of routing protocols for wireless ad hoc networks. The first kind of protocol is called reactive or on-demand routing protocol. The second kind of protocol is proactive or table driven routing protocol.

2.1.1 Reactive (On demand Routing Protocol) Reactive routing protocols are called on-demand routing protocols so these routing protocols are called when they are needed and the routes are built. These routes can be acquired by sending route requests through the network. Disadvantage of this algorithm is that it offers high latency in searching a network. 2.1.2 Proactive (Table Driven Routing Protocols) In Table Driven routing protocols each node maintains one or more routing tables containing routing information about all other node in the network. All nodes keep on updating these tables to maintain latest view of the network. Some popular proactive protocols are: DSDV, WRP etc [3].

3. AD HOC ON DEMAND DISTANCE VETOR ROUTING PROTOCOL (AODV) AODV shares DSR's on-demand characteristics in that it also discovers routes on an “as needed” basis via a similar route discovery process. However, AODV adopts a very different mechanism to maintain routing information. It uses traditional routing tables, one entry per destination. This is a departure from DSR, which can maintain multiple route cache entries for each destination. AODV has three message types. Which are: Route Requests (RREQs), Route Replies (RREPs), and Route Errors (RERRs). Without source routing, AODV relies on routing table entries to propagate a RREP back to the source and, subsequently, to route data packets to the destination. AODV uses sequence numbers maintained at each destination to determine freshness of routing information and to prevent routing loops. These sequence numbers are carried by all routing packets. When a sender wants to communicate with a node, it creates a RREQ packet and broadcast it to find a route to the destination. Ty pe

J R

G

D

U

Reserved

Hop count

RREQ ID Destination IP Address Destination Sequence Number Originator IP Address Originator Sequence Number Fig 1: RREQ Packet

Each node receiving the RREQ message forward this message to its neighboring node and the process is continues till the destination is reached. The destination prepares RREP packet and unicast it to the source node.

Sarita Chaudhary,IJRIT

91

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 90-97

Type

R

A

Reserved

Prefix Size

Hop Count

Destination IP Address Destination Sequence Number Originator IP Address Life Time Fig 2: RREP Packet

The RERR message is generated in case when there is a link break in an active route is detected. Type

N

Reserved

Dest. Count

Unreachable Destination IP Address Unreachable Destination Sequence number Additional Unreachable Destination IP Address Additional Unreachable Destination Sequence number Fig 3: RERR Packet

4. BLACK HOLE ATTACK Black hole attack is dangerous active attacks on the Mobile Ad hoc Networks. To carry out a black hole attack, malicious node waits for neighboring nodes to send RREQ messages. When the malicious node receives an RREQ message, without checking its routing table, immediately sends a false RREP message giving a route to destination over itself, assigning a high sequence number to settle in the routing table of the victim node, before other nodes send a true one. Therefore requesting nodes assume that route discovery process is completed and ignore other RREP messages and begin to send packets over malicious node. Malicious node attacks all RREQ messages this way and takes over all routes. Therefore all packets are sent to a point when they are not forwarding anywhere. This is called a black hole a kin to real meaning which swallows all objects and matter. To succeed a black hole attack, malicious node should be positioned at the center of the wireless network. If malicious node masquerades false RREP message as if it comes from another victim node instead of itself, all messages will be forwarded to the victim node. By doing this, victim node will have to process all incoming messages and is subjected to a sleep deprivation attack. In an ad-hoc network that uses the AODV protocol, a Black Hole node absorbs the network traffic and drops all packets. To explain the Black Hole Attack we added a malicious node that exhibits Black Hole behavior in the scenario.

Fig 4. Illustration of Black Hole Attack.

In this scenario shown in Figure 12, we assume that Node 3 is the malicious node. When Node 1 broadcasts the RREQ message for Node 4, Node 3 immediately responds to Node 1 with an RREP message that includes the highest sequence number of Node 4, as if it is coming from Node 4. Node 1 assumes that Node 4 is behind Node 3 Sarita Chaudhary,IJRIT

92

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 90-97

with 1 hop and discards the newly received RREP packet come from Node 2. Afterwards Node 1 starts to send out its data packet to the node 3 trusting that these packets will reach Node 4 but Node 3 will drop all data packets. In a Black Hole Attack, after a while, the sending node understands that there is a link error because the receiving node does not send TCP ACK packets. If it sends out new TCP data packets and discovers a new route for the destination, the malicious node still manages to deceive the sending node. If the sending node sends out UDP data packets the problem is not detected because the UDP data connections do not wait for the ACK packets. 5. SIMULATION OF AODV UNDER BLACK HOLE ATTACK To test the implementation two simulations are used. In the first simulation no Black Hole AODV Node (the malicious node that exhibits the Black Hole Attack will be called “Black Hole Node”) is used. In the second simulation a Black Hole AODV Node is added to the simulation. Then the results of the simulations are compared using NAM. 5.1 Simulated scenario For simulation, we set the parameter as shown in Table 1. A medium size network that has 13 nodes is generated and a TCP connection between Node 0 and Node 4 is created, and CBR (Constant Bit Rate) application that generates constant packets through the TCP connection is also attached. As the communication channel between them are wireless so communication between them takes place when they in range of one another or there is some intermediate node between them CBR packet size is chosen to be 1000 bytes long. Duration of the simulation scenarios is 10 seconds and the CBR connections started at time equals to 1.0 seconds and continue until the end of the simulation, in a 800 x 800 meter flat space.

Parameter

Value

Simulator

NS-2

Version

2.35

Number of nodes

13

Topography

800m x800m

Dimensions Traffic Type

CBR

Packet Size

1000 bytes

Antenna

Omni-Antenna

Propagation

TwoRayGround

Mac Type

802.11 Mac

Routing Protocol

AODV

Queue

DropTail/PriQueue

Simulation time

10 Sec.

Max. Packets in Queue

100

Table 1 Simulation Parameters

In figure 5 there is no Black Hole AODV Node, connection between Node 0 and Node 4 is correctly flawed when the animation of the simulation is observed, Figure 5 shows the data flow from Node 0 to Node 4.

Sarita Chaudhary,IJRIT

93

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 90-97

Fig5. Data flow between Node 0 and Node 4 via Node 1 and Node 3

In the second simulation scenario, add the Black Hole behavior to Node 2. Node 2 being a Black Hole AODV Node absorbs the packets in the connection from Node 0 to Node 4. Figure 6 shows how the Black Hole AODV Node absorbs the traffic.

Fig 6.Node 2 (Black Hole Node) absorbs the connection Node 0 to Node 4.

5.2 Simulation Graphs Each simulation leads to two observations. In the first observation one every node is working in cooperation with each other to keep the network in communication. The second observation the network has one malicious node that carries out the Black Hole Attack. In the work, the results of these two observations are studied to understand the network and node behaviors. The trace files recordings are represented with the help of graphs. The first graph (Figure 7) shows the packets received by the Node 4 increases with time under normal network working conditions. And the second graph (Figure 8) shows the packets received by the Node 4 is nil under the black hole attack. In figure 7 the graph shows number of packets that node 4 receives from node 0 with respect to time. As there is no black hole attack in graph 1 so the graph rises linearly with time.

Sarita Chaudhary,IJRIT

94

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 90-97

Fig.7: Graph of Trace File without Black hole

Fig.8: Graph of Trace File with Black hole

In figure 8 in the beginning node 0 data is transmitted to node 4 successfully, as node 2(malicious node) not in the range of node 0.But with time as node 1 moves and node 2 comes near node 0 it start absorbing packet generated from node 0. So from simulation time 3sec to 7 sec the graph shows no progress in packet receive. But as malicious node goes out of range due to properties of MANET the normal AODV node comes as intermediate node thus resumes the packet forwarding to node 4. 6. CONCLUSION AND FUTURE SCOPE In this research paper an efficient approach for the detection of the Black hole attack in the Mobile Ad Hoc Networks on AODV routing protocol is proposed. Having simulated the Black Hole Attack, it was seen that the packet loss is increased in the ad-hoc network and the receiving node did not received any packets. As the future work, solution of black hole on AODV protocol could be implemented & the other routing protocols could be simulated as well. All routing protocols are expected to present different results. REFERENCES [1] Nisha, Simranjit Kaur, Sandeep Kumar Arora, “Analysis of Black Hole Effect and Prevention through IDS in MANET”, American Journal of Engineering Research (AJER) e-ISSN : 2320-0847, p-ISSN : 2320-0936 Volume02, Issue-10, pp-214-220, 2013. [2] Mandakini Tayade, Sanjeev Sharma, “Review of Different TCP Variants in AD-HOC Networks”, International Journal of Engineering Science and Technology (IJEST), Vol. 3 No. 3 March 2011, pp.1906-1913, ISSN : 09755462.

Sarita Chaudhary,IJRIT

95

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 90-97

[3] Josh Broch, David A. Maltz, David B. Johnson, Yih-Chun Hu, “A Performance Comparison of Multi-Hop Wireless Ad Hoc Network Routing Protocol” MOBICOM 9S Dallas Texas USA Copyright ACM 19981-58113~35. [4] Santhi,S.; Sadasivam, G.S., “Performance evaluation of different routing protocols to minimize congestion in heterogeneous network” International Conference on Recent Trends in Information Technology (ICRTIT), 2011 , Page(s): 336 – 341. [5] Khatkar, A. ; Singh, Y., “Performance Evaluation of Hybrid Routing Protocols in Mobile Ad Hoc Networks” Second international conference on Advanced Computing & Communication Technologies(ACCT),2012 Digital Object Identifier:10.1109/ACCT.2012.86. [6] Malarkodi, B., Gopal, P., Venkataramani, B., “Performance Evaluation of Ad hoc Networks with Different Multicast Routing Protocols and Mobility Models” International conference on Advances in Recent Technologies in Communication and Computing, 2009. ART Com'09.Digital Object Identifier: 10.1109/ARTCom.2009.29 Publication Year: 2009,Page(s):81-84. [7] D. Johnson, D. Maltz and J. Broch, “DSR the Dynamic Source Routing Protocolfor Multihop Wireless Ad Hoc Networks”. Ad Hoc networking, Chapter 5, page 139-172. Addison-Wesley, 2001. [8] K Fall and K. Varadhan, The NS Manual, November 18, 2005, http:// www.isi.edu/nsnam /ns/doc/ns_doc.pdf. 25 July 2005. [9] Jaspal Kumar, M. Kulkarni, Daya Gupta, “ Effect of Black Hole Attack on MANET Routing Protocols”, I. J. Computer Network and Information Security, 2013, 5, 64-72 Published Online April 2013 in MECS, May 2008. [10] Kamarularifin Abd. Jalil, Zaid Ahmad, Jamalul-Lail Ab Manan, “Mitigation of Black Hole Attacks for AODV Routing Protocol”, International Journal on New Computer Architectures and Their Applications (IJNCAA) 1(2): 336-343. The Society of Digital Information and Wireless Communications, 2011 (ISSN: 2220-9085). [11] Satoshi Kurosawa, Hidehisa Nakayama, Nei Kato, “Detecting Black hole Attack on AODV-based Mobile Ad Hoc Networks by Dynamic Learning Method”, International Journal of Network Security, Vol.5, No.3, PP.338–346, Nov. 2007. [12] G. Vigna, S. Gwalani and K. Srinivasan, “An Intrusion Detection Tool for AODV-Based Ad hoc Wireless Networks”, Proc. of the 20th Annual Computer Security Applications Conference (ACSAC’04). [13] P. Misra,. “Routing Protocols for AdHoc Mobile WirelessNetworks”,http://www.cse.wustl.edu/~jain/cis78899/adhoc_routing/index.html, 14 May 2006. [14] F. Stajano and R. Anderson, “The Resurrecting Duckling: Security Issues for Ad-Hoc Wireless Networks”, Security Protocols, 7th International Workshop Proceedings, Lecture Notes in Computer Science, 1999. University of Cambridge Computer Laboratory. [15] F. J. Ros and P. M. Ruiz, “Implementing a New Manet Unicast Routing Protocol in NS2”, December,2004,http://masimum.dif.um.es/nsrt-howto/pdf/nsrthowto.pdf, 25 July 2005. [16] H. Deng, W. Li and D. P. Agrawal, “Routing Security inWireless Ad Hoc Networks”. University of Cincinnati, IEEE Communication Magazine, October 2002. [17] P. Ning and K. Sun, “How to Misuse AODV: A Case Study of Insider Attacks Against Mobile Ad-Hoc Routing Protocols”, Proc.of the 2003 IEEE Workshop on Information Assurance United States Military Academy, West Point, NY., June 2003. Sarita Chaudhary,IJRIT

96

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, June 2014, Pg: 90-97

[18] T. Lin, S. Midkiff, and J. Park,”A framework for wireless ad hoc routing protocols”, in WCNC: Wireless Communications and Networking. IEEE Computer Society, 2003, pp. 1162.1167. [19] M. G. Zapata, Secure Ad Hoc on-demand Distance Vector (SAODV) Routing, IETF Internet Draft,draftguerrero-manet-saodv-03, Mar. 2005. [20] N. Mistry, D. C. Jinwala, and M Z averi, “Improving AODV protocol against black hole attacks", Proceeding of International Muiti Conference of Engineers and Computer Scientists vol. II, IMECS 2010, pp. 1034-1039, Hong Kong, March 17-19, 2010.

Sarita Chaudhary,IJRIT

97