Abstract- Adhoc wireless networks are wireless networks that use multihop radio relaying and can operate without the support of any fixed infrastructure; hence they are also called infrastructureless networks. This type of network allows spontaneous communication between mobile devices without previous planning. A variety of routing protocols for adhoc wireless networks have been proposed in the recent past, but the Adhoc On demand Distance Vector (AODV) protocol is popular because of its dynamic nature: routing information is exchanged and the path finding process is initiated only when a node requires a path to communicate with a destination node. An attack is launched on this protocol if an intermediate node behaves maliciously during the path finding process and drops the packets that go through it. The attack becomes more severe if a group of nodes work in coordination to launch it. In this paper a mechanism is proposed to avoid such a coordinated attack, called the cooperative black hole attack, by calculating a trust value at each node using only control packets, which helps in reducing routing overhead.
Keywords- co-operative black hole attack; MANET; AODV; Trust
I. INTRODUCTION
A network that is characterized as infrastructureless, spontaneous and dynamic is called an adhoc wireless network or Mobile Adhoc Wireless Network (MANET). With quick and economically less demanding deployment, a MANET [1] finds applications in several areas. Some of these include: military applications, collaborative and distributed computing, emergency operations, wireless mesh networks, wireless sensor networks, and hybrid wireless architectures. In this type of network, routing and resource management are done in a distributed manner in which all nodes coordinate to enable communication among themselves. This requires each node to be more intelligent so that it can function both as a network host for transmitting and receiving data and as a network router for routing packets from other nodes. The security of communication in adhoc wireless networks is very important, especially in military applications. The lack of any central coordination and the shared wireless medium make them more vulnerable to attacks than wired networks. Attacks against adhoc wireless networks are generally classified into two types: passive and active attacks. Passive attacks refer to attempts made by a malicious node to study and understand traffic patterns and learn valuable information. Active attacks destroy or alter the assets of a node or a network. Active attacks that are executed by nodes outside the network are called external attacks, and those that are performed by nodes belonging to the same network are called internal attacks. Nodes that perform internal attacks are called compromised nodes.
The major security threats that exist in adhoc wireless networks are as follows: Denial of Service (DoS), resource consumption, host impersonation, information disclosure, interference. There are also several types of attacks mounted on the routing protocol which are aimed at disrupting the operation of the network. The Adhoc On demand Distance Vector (AODV) protocol, being one of the popular protocols in MANET, is vulnerable to black hole attack.
In [2], the authors have assumed that the black hole nodes in a MANET do not work as a group and have proposed a solution to identify a single black hole. However, their proposed method cannot be applied to identify a co-operative black hole attack involving multiple malicious nodes.
Recent work proposed in [3],[4] relies on the introduction of a trusted examiner called a ferry node, which moves around in the network and validates the packet delivery probability to determine the presence of the black hole attack. In this paper, without relying on a third party ferry node, we examine trust based upon the sequence number exchanged between two neighboring nodes.
In [5] the authors have proposed a detecting mechanism against coordinated attack plus a method to secure the history records of packet delivery information at each contact so that other nodes can detect internal attacks like gray hole attack by analysing these records. The authors have also proposed a solution of a cooperative security agent to avoid cooperative black hole attack. All these mechanisms detect or avoid black hole attack by analysing the pattern of data packets. We propose a solution to avoid the cooperative black hole attack using only management packets.
Vulnerability of MANET is explained in section II. In section III impacts of co-operative black hole attacks are explained. Trust mechanism is described in section IV. Workflow of trust mechanism and implementation are described in section V and VI respectively.
II. VULNERABILITY OF MANET
A. Blackhole attack
A malicious node falsely advertises good paths to the destination node during the path finding process. The intention of the malicious node could be to hinder the path finding process or to intercept all data packets being sent to the destination node.
Characteristics of good paths include: a lower hop count and the highest sequence number, representing a fresh route to the destination node.
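The selection rule described above, as an added example (not code from the paper): plain AODV prefers the reply with the freshest destination sequence number and then the fewest hops, so one forged reply displaces the genuine route. The `max_seq_jump` filter is a hypothetical plausibility check on control packets, not the paper's trust formula; the node numbers echo the paper's snapshots, but all values are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class RREP:
    sender: int     # neighbour that delivered the route reply
    dest_seq: int   # destination sequence number it advertises
    hop_count: int  # hops to the destination it claims

def seq_diff(a, b):
    """a - b as a signed 32-bit value, so comparison survives rollover."""
    d = (a - b) & 0xFFFFFFFF
    return d - (1 << 32) if d >= (1 << 31) else d

def aodv_prefers(new, cur):
    """Plain AODV rule: fresher sequence number wins, ties go to fewer hops."""
    if cur is None:
        return True
    d = seq_diff(new.dest_seq, cur.dest_seq)
    return d > 0 or (d == 0 and new.hop_count < cur.hop_count)

def select_route(replies, last_known_seq=None, max_seq_jump=None):
    """Return (chosen reply, senders rejected by the jump check).

    The check (an assumption of this example) drops any reply whose
    sequence number is implausibly far ahead of the last one seen.
    """
    best, rejected = None, []
    for r in replies:
        if (max_seq_jump is not None and last_known_seq is not None
                and seq_diff(r.dest_seq, last_known_seq) > max_seq_jump):
            rejected.append(r.sender)
            continue
        if aodv_prefers(r, best):
            best = r
    return best, rejected

# Constructed sample: node 0 asks for a route to node 11. Node 2 relays a
# genuine reply; node 5 advertises an inflated sequence number and 1 hop.
REPLIES = [
    RREP(sender=2, dest_seq=42, hop_count=4),
    RREP(sender=5, dest_seq=4_000_000, hop_count=1),
]

if __name__ == "__main__":
    print(select_route(REPLIES))                                       # plain AODV
    print(select_route(REPLIES, last_known_seq=40, max_seq_jump=100))  # with check
```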
B. Co-operative Blackhole attack
In this case multiple malicious nodes work together cooperatively to execute the attack, consequently having a high effect on the network. This attack works on the master-slave principle, wherein the master malicious node falsely advertises good paths to the destination and attracts the data packets towards it. The master malicious node will then drop the data packets or send them to a slave malicious node and instruct it to drop them. This makes it difficult for other nodes to detect the malicious node.
III. IMPACT OF CO-OPERATIVE BLACK HOLE ATTACK
A. Resource Consumption Attack
In this attack, the focus of the attackers is to waste away the resources of other nodes. These can be power, memory, bandwidth or other resources that are available only in limited amounts in adhoc wireless networks.
B. Packet Dropping Attack
A packet drop attack is a type of denial of service attack in which a router that is supposed to relay packets instead discards them. This usually occurs when a router becomes compromised from a number of different causes. Because packets are routinely dropped from a lossy network, the packet drop attack is very hard to detect and prevent.
C. Grayhole Attack
An attack where some nodes switch their state from black hole to honest intermittently and vice versa. The gray hole attack is a variant of the black hole attack in which a malicious node selectively destroys packets of the traffic that passes through it.
IV. TRUST MECHANISM
Naveen Kumar et al. [6] proposed an algorithm based on a Trust based AODV Routing Protocol for mobile ad-hoc networks. It works on the concept of an honest value, which is calculated on the concept of hop and trust to protect the network from affected nodes (malicious nodes). In the proposed HAODV routing protocol, before forwarding data through various routes, the nodes evaluate the routing paths according to the trust metrics. This method is based on the Honest mechanism to secure the AODV routing protocol. The performance of HAODV has been analyzed using three parameters, namely the number of dropped packets, throughput and Packet Delivery Ratio. HAODV performs well in terms of throughput and number of dropped packets. The future work of this method is to implement the proposed scheme with a larger number of parameters while evaluating the path.
Naveen Kumar Gupta and Amit Garg [7] proposed a Trust based Management framework for securing the AODV Routing Protocol. It works on the concept of a Trust factor and selection of the most efficient route: a routing path is evaluated using the Trust Value, and the route is also updated during the route exchange process. The performance of the proposed system is calculated based on the Packet Delivery Ratio (PDR), number of dropped packets and throughput. The identity information (Internet Protocol address and Trust Factor Value) has been used to prevent the attack by the malicious node. This identity information is assigned to each node in the initialization phase or when the node is configured. Future work is to optimize the above-mentioned scheme in terms of number of nodes and to build a fast mechanism to detect and prevent attacker nodes even with a large number of nodes.
N. Bhalaji et al. [8] presented a Trust based routing model to deal with Black hole and Cooperative Black hole attacks that are caused by malicious nodes. Here, the authors applied ABDSR (Association based DSR protocol) to route selection to improve routing security. The purpose of applying ABDSR is to determine the foremost and protected route in the network. In this scheme, a Trust value is associated with each node, which represents the trustworthiness of each of its neighbor nodes. The associations among the nodes are classified and, according to the classification, neighboring nodes are categorized into three types: Unknown, Known and Companion.
Unknown: The unknowns are the non-trusted nodes, having the minimum trust level. When a new node joins the network, its trust relationship with all its neighbors is low or negligible.
Known: These are the nodes having a trust value between those of Companion and Unknown. It means that a node is known to its neighbor node, that is, it has received some packets through that node.
Companion: These are the most trusted nodes; the nodes with the highest trust value can be treated as Companion. That is, the higher the trust level, the higher the transmission rate through this Companion node (neighbors have received or transferred many packets successfully).
For calculating the Trust value, author proposed a very simple equation:
Where,
This mechanism still uses data packets to evaluate whether a node is a black hole node or not.
We propose a mechanism to avoid black hole node by using only management packets. The mechanism is proposed in such a way that no additional management packets are required thus reducing the overhead to a great extent.
For a blackhole node value of R2 will be equal to that of a genuine node that is 1.
Therefore,
for other nodes R2 can go to ∞ that is if node does not participate in route discovery process.
then we can say that,
therefore we can deduce the formula as follows
the acknowledge bit can be avoided as it is a deduced parameter of R2.
This mechanism ensures the best path between source node and destination node and avoids the black hole node, or the master black hole node in a co-operative black hole attack, by calculating a trust value at each node and then selecting the node to forward the data packets.
V. WORKFLOW OF MECHANISM
Prior to discussing the workflow of avoiding the co-operative black hole attack, let us discuss the workflow for creating the malicious scenario, which helps us to simulate the avoidance mechanism.
The flowchart shown in Figure 1 depicts the characteristics of blackhole node as it would behave when it receives a RREQ packet.
The workflow shown in Figure 2 depicts the additional pre-processing the AODV protocol has to do to calculate the trust value for a node. This pre-processing involves calculation of the trust value, which is initially set to T1 = tanh(1), and its comparison with the deduced formula so as to select the best or a good path to reach the destination.
VI. IMPLEMENTATION
The proposed scheme is implemented using ns-2.35 (Network Simulator). We have considered the simulation parameters as shown in Figure 3.
SNAPSHOTS:
A. MANET without black hole attack
In the figure we have considered node 0 as the source node and node 11 as the destination node, so the path chosen by node 0 to reach node 11 is 0-2-7-9-11. [shown in blue color]
B. MANET with cooperative black hole attack
The figure shows that node 5 and node 10 have formed a cooperative black hole attack. [shown in red color]
C. Avoidance of Cooperative Black Hole attack
The figure shows how the trust value selects the best path to reach the destination node, avoiding the black hole node, via route 0-2-4-9-11.
D. Metrics Used for analysis
The following metrics are chosen to evaluate the impact of black hole attack in the network: 1) End to End delay 2) Throughput.
No extra management packets are used to avoid the malicious node thus the routing overhead does not increase.
Figure 7 shows the end to end delay analysis for the proposed scheme and the normal AODV protocol. We observe that the results of the proposed scheme are almost identical to those of the normal AODV protocol. For the malicious node the end to end delay graph converges to zero.
Figure 8 shows the Throughput analysis for the proposed scheme and the normal AODV protocol. We observe that the mean analysis of both approaches is equal.
VIII. CONCLUSION
A security method has been proposed to avoid black hole nodes and co-operative black hole nodes, thereby identifying the best path from source node to destination node. The proposed scheme has been evaluated by implementing it in the network simulator ns2, and the results demonstrate the effectiveness of the mechanism. This mechanism can effectively avoid and mitigate the negative impact caused by a black hole node or co-operative black hole nodes. As future work, the proposed mechanism can be extended so that it can defend against other attacks like gray hole attack.
References
[1] C. S. Murthy and B. S. Manoj, “Ad hoc wireless networks: Architectures and protocols”, Pearson Education India, 2006.
[2] Yanzhi Ren, Mooi Choo Chuah, Jie Yang, Yingying Chen, “Detecting Blackhole Attacks in Disruption-Tolerant Networks through Packet Exchange Recording”, IEEE Wireless Communications, Vol. 11, 2010.
[3] Abderrahmane Baadache, Ali Belmehdi, “Avoiding Black hole and Cooperative Black hole Attacks in Wireless Ad hoc Networks”, (IJCSIS) International Journal of Computer Science and Information Security, Vol. 7, No. 1, 2010.
[4] H.A. Esmaili, M.R. Khalili Shoja, Hossein gharaee, “Performance Analysis of AODV under Blackhole Attack through Use of OPNET Simulator”, World of Computer Science and Information Technology Journal (WCSIT), Vol. 1, No. 2, pp. 49-52, 2011.
[5] Vaishali Mohite, Lata Ragha, “Cooperative Security Agents for MANET”, World Congress on Information and Communication Technologies, pp. 549-554, IEEE, 2012.
[6] Naveen Kumar Gupta and Kavita Pandey, “Trust Based Ad-hoc On Demand routing Protocol for MANET”, IEEE, 978-1-4799-0192-0/2013.
[7] Naveen Kumar Gupta and Amita Garg, “Trust and shortest path selection based routing protocol for mobile ad-hoc networks”, IJCA, Vol. 76, No. 12, August 2013.
[8] N. Bhalaji and Dr. A. Shanmugam, “Defense Strategy using Trust based model to mitigate active attacks in DSR based mobile ad-hoc network”, Journal of Advances in Information Technology, Vol. 2, No. 2, May 2011.