Preventing Packet Dropping Attack By Node Bypassing
Technique On AODV Based Routing In
Mobile Ad-Hoc (MANETs)
Abstract
Mobile adhoc network is a wireless network, that sent packets from soure to destination using wireless medium. MANET’s is basically a self configuring mobile network. There is no need to pre-existing infrastructure for setting up MANET. It consists collection of mobile devices as a node in MANET. All the nodes in network coordinated with each other for configure MANET. It uses a wireless medium to send and receive the packets from source to destination. MANET introduce various attacks which are vulnerables,one of them is packet dropping attack is a type of DOS attack is common where malicious node can degrade the performance of network by continuously drop the packets on network.In this paper we proposed a node bypassing technique to mitigate the packet dropping attack in AODV routing.
Keywods: MANET, AODV routing protocol, Packet dropping attack, node bypassing technique
1.Introduction:
MANETs are a type of wireless networks which are rapidly deployable because there is no need for prefixed infrastructure for their configurationMANET is always be created on a temporary basis and no pre-existing and pre installed infrastructure is required to setting up MANET. Nodes of this network is mobile devices so the topology dynamically changes on time. All participant nodes are coordinated with each other for setting up MANET. This network uses wireless media and for forwarding packets from source to destination, they actually broadcast the packets. Also,before sending data from source to destination node the source node searches for route from source to destination.
As no special routers available in such network each node acts as a router and cooperates in the routing process. Special routing protocols are available for MANET like DSDV, DSR, AODV, etc. These protocols works well in a normal environment but due to attacker nodes and selfish intermediate nodes they are vulnerable to many types of malicious activities like traffic analysis, packet drop, packet delay, packet modification, etc.
Figure1. Mobile Adhoc Network
This paper formatting is as following way: Section II about liturater survey Section III of this paper gives the brief introduction about Adhoc On demand Distance Vector (AODV) routing protocol. explain the packet drop attack and Section IV This section is study about packet dropping attack SectionV This section illurstrate the node bypassing technique with redistribution of bandwidth to mitigate the packet dropping and bandwidth attack. sectionVI description of simulation environment and discuss the result of this paper and at last conclusion is given in SectionVII.
II. Literature Survey
Kajal S.patel and J.S Shah’s proposed a solution to packet dropping. And study about packet dropping attack using AODV routing,and detection of such node in MANET. They used modified AODV to avoid malicious node in route while route is being established. They have counted the total number of packets forwarded by the node which works as a router and also counted the total number of packets dropped by the node. While route establishment is in progress, the routing process checks the value of dropped packets and based on its value it takes decision whether to include that node in the route or not [5, 6].
When packet is arrived at a node, routing process checks whether to forward it or not based on sequence number of RREQ packet, source address and destination address, and the diameter of the network. If source address and destination address of the packet are same, node decided to drop the packet and it increments dropped_ pkts counter by one and drops the packet.But the drawback with this system to consume more time to calculate the number of packet dropped and number of pckets forwaded by a node,checks for all nodes presented in the network.
III. AODV (adhoc on demand distance vactor routing protocol) The Working process of the AODV routing protocol is divided into two steps route discovery and route reply.
III.1 Route Discovery: Whenever a source node wants to send packets to the destination, but doesn’t have a valid route to send data to destination, it initiates a route discovery process. The source creates an AODV RREQ (Route Request) packet. This packet contains the source node’s IP address, current (source) sequence number, destination IP address, destination sequence number (set to zero if no prior route exists), a broadcast ID , which is incremented with each RREQ and a Hop Count field set to zero. This RREQ packet is broadcasted by the source to its neighbors. The neighboring nodes first check that there is a path to destination is exist or not,if exist then the node send back RREP to the sender node. The source node in its route table noting the source node’s IP address and sequence number as well as the number of hops to the source node and the IP address of the neighbor from which the RREQ was received. This is used to forward the RREP back to the source node. The node then increments the hop count and broadcasts it to its neighbors. This goes
on until either the destination is reached or a node with a valid route to the destination is reached.
III.2 Route Reply: The RREP from the destination contains the destination IP address, its current sequence number, the source IP address and a lifetime field in addition to the hop count field which is set to zero. If an intermediate node sends the RREP, it contains the destination sequence number, hop count value equal to its distance frothe destination and the lifetime value set to the amount of time for which its route table entry for the destination will still be valid. The RREP is unicasted back to the source node. Any intermediate node receiving the RREP, sets up a forward route having the IP address of the destination and the neighbor from which the RREP arrived, the hop count value is incremented and then added and the lifetime of this entry is set to the lifetime in the RREP. Each time the route is used it lifetime is extended. There is also a delete period before actually deleting the route information to prevent any routing loops. When the source node receives the RREP, it also performs similar actions to update it route table. In case of multiple RREPs, the one with the highest sequence number or the minimum hop count is selected.
IV. PACKET DROPPING ATTACK
A packet dropping attack is a type of denial of service attack in which a node in the network will drop the packets instead of forwarding them, which
is shown in the fig 2. The packet dropping attack [3], [6], [11] is difficult to identify furthermore difficult to anticipate in light of the fact that it happens when the node gets to be traded off because of various diverse causes. The packet dropping attacks in MANETs can be ordered into different classifications regarding the procedure received by the noxious nodes to dispatch the attack.
Fig 2 Packet dropping attack.
The compromised node will broadcast the message that it has the shortest path towards the destination
to initiate packet dropping attack[11][12].
Hence all packet transmission will be directed through the compromised node,and the node is able to drop the packets.If malicious node attempts to drop all packets, the attack can be identified through common networking tools.Moreover,when the other routers notice that the compromised router is dropping all the packets,they will generally begin to remove that router from their forwading table. Hence, there is no packet transmission through the compromised node. However, it is very hard to detect the packet dropping attack, if the malicious router begins dropping packets on a specific period of time or over every n packet, because some packet transmission still flows across the network. For the prevention of packet dropping attack, detection of selfish nodes [6], [11], [12], [17] plays an important role in MANETs.
IV.1 REASONS FOR DROPPING PACKETS
A packet may be dropped due to contention in the medium.
A packet may be dropped due to congestion and corruption in the medium.
A packet may be dropped due to brok en link.
A packet may be dropped due to overflow of the transmission queue.
A packet may be dropped due to the malignant act of a malicious node.
A packet may be dropped due to much bandwidth consumed by a attacker node.
A packet may be dropped due to lack of energy resources.
A packet may be dropped due to the selfishness of a node to save its resources.
V. PROPOSED METHOD
So many routing protocols have been proposed for mobile adhoc networks, such as AODV, DSR, and DSDV and so on. All these protocols are effectively work in MANETs. However these packet dropping attacks severely affects the routing protocols performance. In this section we describe the proposed method for packet dropping and bandwidth attack.The proposed method uses node bypassing technique to detect the attack.
Proposed method contains following:
1. In this methodology the packets will drop due to seilfish of a node to save its resourcse for its own use and also drop packets due to bandwidth consumed by the attacker node,it is like a bandwidth attack and also known as DOS attack(denial of servive attack).
2. Each node is having unique id so that it can be distinguished from the other node,and assign bandwidth to each node in network layer.
3. The security is raised by distinguishing the invalid path from the valid path,By discovering the valid path we can send our control packets through it.The invalid path consists of some malicious nodes.
4. The first process consist of route discovery and route reply mechanism.The node is identified by the forwading RREQ and RREP packets during each hop. In route discovery process source node send RREQ to the neighbour node,then the noghbour node send the RREP to the source node if the route is exist .
5. when the source node IP address and the destination node IP address is same,that it means the node is a attacker node,and it continuously drop all the forwading packets.
6. For mitigation of such attack we will discuss the technique in the fig3 flow diagram/Steps
Step1: Distribute Bw to each node in the network.
Step2:Send RREQ(Route Request)/RREP(Route Reply) to all neighbour node form the sourcs node.
Step3:The neighbour node first check to see the RREQ,If it has already seen the RREQ then it is discarded otherwise it checks to see if it is a freasher route to the destination,if yes then it sends a RREP back to the source node.
Step4:If the RREQ and the RREP is same,means route request and route reply is generated by the same node,if yes then it drop all forward packets and behave like a packet dropping attack,then simply bypass the node and go to step2,otherwise add this node to the route.
Step5:Then check alteast two times If the node consume more bandwidth as compared to the assigned bandwidth,If no then not an attack,if yes then there may be possibility of attack.
Step6: Then check if the node,who require more bandwidth is a request bandwidth from the neighbour node,if yes then not an attack because the source node knows the location of neighbour node.If no, then it is attacker node.
Step7: Restore the assigned bandwidth.
Step8: Then simply bypass the node whos request for the bandwidth other then the neighbour node.
Step9:Then redistribute the bandwidth to the nodes in the network,except the attacker node.
Basically in our proposed work the target is how to detect packet dropping and bandwidth attack,and how can we prevent our network from these type of attack. Attacks are the major concern in adhoc network.
Fig:3 Flow Chart/Diagram
VI Results and Discussion: To evealuate the performance of the our proposed method we used same simulation parameters which is used to simulate the attack. In our proposed work source node sends tha packets until the attack is detected anwhen the attack is detected it bypass the attacker node and continue with the same route for data transmission.
Table1: Simulation Parameters and values:
Simulation Parameters Values
Number of Nodes 30
Routing Protocol AODV
Simulation Time
Transport Protocol UDP
Packet Size
We have done the simulation in MATLAB. We used mitigation for packet dropping and bandwidth attack.In this scenario the bandwidth is taken from X-axis,the following fig.4 is plotted average bandwidth before attack, after attack and after mitigation.
Fig.4 Average throughput comparision
In the following scenario fig.5 shows 14 packets will be dropped according to the literature survey.In our proposed work after detecting packet dropping attack(at route discovery by sending the RREQ/RREP) we will bypass that node without effecting the network,so that there is no packets will be dropped.
Fig.5 Packet dropping chart
Fig.6 Time Consumed
VII.Conclusion: When the network is under packet dropping attack or under bandwidth attack the performance of the network degrates,in order to incerse the performance of the network we need to detect malicious nodes(selfish nodes)from the network.The proposed system can detect the selfish node in route discovery and bypass the node without effecting the network,it will increase the performance of the network.
The following scenario shows that the proposed system is taking more time in route discovery(RREQ/RREP).But the system will not drop any packets.
References
5. Houssein, H., & Shahrestani, S. A. Improving the reliability of ad-hoc on demand distance vector protocol. WSEAS Transactions on Communications.
6. Houssein, H., Shahrestani, S. A. Mitigation of the effects of selfish and malicious nodes in ad-hoc networks. WSEAS Transactions on Communications.
.