A Comparative study of Collaborative Attacks on Mobile Ad- Hoc Networks

(1)

International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459,ISO 9001:2008 Certified Journal, Volume 4, Issue 8, August 2014)

183

A Comparative study of Collaborative Attacks on Mobile

Ad-Hoc Networks

Umesh Kumar Singh

1

, Kailash Phuleria

2

, Shailja Sharma

3

, D.N. Goswami

4

1,2

Institute of Computer Science, Vikram University, Ujjain

3,4_{School of Studies in Computer Science, Jiwaji University, Gwalior}

Abstract— Mobile Ad-Hoc Networks (MANET) is

becoming a popular research area among researchers due to its versatile routing nature. Routing in MANET is a challenging issue due to dynamic network topology, limited bandwidth and limited battery power. Attacks are liable to occur if routing algorithms fails to detect vulnerable threats and to find and remove malicious nodes. Thus, in MANET, collaborative attacks are particularly serious issue. In this paper, we have examined certain collaborative attacks in MANET. Finally, we have compared some attacks using some important parameters and then addressed major issues related to this.

Keywords— MANET, Collaborative attacks, Worm-Hole,

Black-Hole, Routing and Sybil.

I. INTRODUCTION

In past few years, the explosive growth of mobile computing devices, which mainly include android cell phones, laptops, personal digital assistants (PDAs) and handheld digital devices, has encouraged a radical change in the computing world. With the emergence of ubiquitous computing research in wireless network is the need of the hour. The nature of the ubiquitous computing has made it necessary to adopt wireless network as the interconnection method as it is not possible for the ubiquitous devices to get wired network link whenever and wherever they need to connect with other ubiquitous devices.

A Mobile Ad hoc Network (MANET) is an independent system of mobile routers attached by wireless links. The routers move freely and organize themselves randomly. They have dynamic topology. There is no central server to monitor the intrusions or any other activities happened in the network. Due to the absence of centralized monitoring mechanism to observe network functionality, in most of the cases MANETs have to depend on routing protocol [1]. MANET has some fundamental characteristics such as open medium, dynamic topology, distributed cooperation and multi-hop routing. Due to these characteristics, wireless mobile ad-hoc network are vulnerable to the attacks.

For the basic functionality of the network, security is the most important concern in the mobile Ad-hoc network. Singh el al in [2], addressed the issue that protection of communication system against various kind of attacks like source based attacks, behavioral based attack, nodes based attack, security attack such as Denial of Service attack, impersonation, eavesdropping, Sybil attack, wormhole attack, sinkhole attack, black hole attack, gray hole attack etc. is a challenging task.

This paper is organized as follows: section II presents related works. In the section III a comparative study of collaborative attacks is presented. Simulation results are shown in section- IV. Conclusion and future work are shown in last section.

II. RELATED WORK

In this Section, we discuss various types of collaborative attacks that are proposed in the recent years by various researchers working on the areas of attacks over MANETs with their detection methods. MANET is very much popular due to the fact that these networks are dynamic, infrastructure less and scalability. Despite the fact of the popularity of MANET, these networks are very much exposed to attacks [3]. However, many researchers such as in [4, 5] contributed to remove main weaknesses of MANET such as limited bandwidth, battery power, computational power and security.

(2)

International Journal of Emerging Technology and Advanced Engineering

184

External attack is committed by external nodes and internal attack is done by nodes which are part of the MANET having shortages of resources like battery power and bandwidth etc. It is very difficult to isolate these nodes. Different kinds of attacks have been analyzed in MANET and their affect on the network.

In the black hole attack, attacker uses the routing protocol to advertise itself as having the best path to the node whose packets it want to intercept. An attacker use the flooding based protocol for listing the request for a route from the initiator, then attacker create a reply message he has the shortest path to the receiver. As this message from the attacker reached to the initiator before the reply from the actual node, then initiator assume that it is the shortest path to the receiver. So that a fake route is create. Once the attacker has been able to insert himself between the communications node, then attacker may able to do anything with the packet which is send by the initiator for the receiver [8]. Worm-hole attack which is also known as the tunneling attack, is possible even if the attacker has not compromised any other legitimate nodes and even if all communication provides authenticity and confidentiality [9-10].

A gray-hole attack is a variation of the black hole attack, where the malicious node is not initially malicious, it turns malicious sometime later. In this attack, an attacker drops all data packets but it lets control messages to route through it [11]. Sybil attack refers to the multiple copies of malicious nodes. It can be happen, if the malicious node shares its secret key with other malicious nodes. This way the number of malicious node is increased in the network and the probability of the attack is also increased. This paper focuses on the study the different collaborative attacks in MANET and compares the major cause of these attacks on the performances of different MANET applications.

III. COLLABORATIVE ATTACKS ON MANET

[image:2.612.325.573.127.281.2]

Singh et al in [2], classified MANET attacks can be in following categories:

Figure 1: Classification of Attacks.

In this paper we have focused on collaborative attacks. Collaborative attacks (CA) occur when more than one attacker or running process synchronize their actions to disturb a target network. Multiple attacks occur when a system is disturbed by more than one attacker, but not necessarily in collaboration. On the basis of study of different types of attacks we have categorized these attacks into two different categories. First: Direct Collaborative Attacks and Second: Indirect Collaborative Attacks.  Direct Collaborative Attacks: Here, the attacker nodes

are already in existence in the original network or a malicious node joins the network or an internal node is compromised in the network. This kind of collaborative attacks can be referred to as direct collaborative attacks. For examples, Black hole and Wormhole attack.

 Indirect Collaborative Attacks: The attacks in this category use different non-existent nodes in order to fake other nodes to redirect data packets to malicious node. This kind of collaborative attacks can be referred to as indirect collaborative attacks. For examples, Sybil and Routing table overflow attacks.

Now, we discuss some collaborative attacks in details:

 Black Hole Attack

(3)

International Journal of Emerging Technology and Advanced Engineering

185

Alternatively black-hole scenario may be defined as the one in which the cannel properties tend to be asymmetric i.e. the signal strength in both direction may not be same. In this case a node which receives the data packet but does not forward it is termed as black hole. In either case the normal operation of the MANET is disrupted [13].

[image:3.612.328.567.108.297.2]

Figure-2 shows how black hole problem occurs. Node ―KP‖ wants to send data packets to node ―Dr. UKS‖ and start the route detection process. So, if node ―LL‖ is a malicious node then it will claim that it has active route to the particular destination as soon as it receives route reply packets. It will then send the response to node ―KP‖ before any other node. In this way node ―KP‖ will think that this is the active route and thus active route detection is complete. Node ―KP‖ will ignore all other responds and will start sending data packets to node ―LL‖. In this way all the data packet will be lost consumed or lost.

Figure 2: Black- hole attack.

 Wormhole Attack

In wormhole attack, malicious node receives data packet at one point in the network and tunnels them to another malicious node. The tunnel existing between two malicious nodes is referred to as a wormhole. In this attack, a pair of attacker nodes creates tunnel between two groups of nodes. One attacker manages to receive the packet from one end of the tunnel and forwards them to another part of the network and relays them into the network from that point onwards [14].

For example as shown in figure 3, the nodes A and B are the malicious nodes which form a wormhole link or tunnel in the network when the source node ‗KP‘ sent a packet to find a suitable route to destination ‗Dr. UKS‘.

Figure 3: Worm-hole attack

In above figure-3, dark arrow lines shows packet sending paths, dotted lines shows network link and symbol X shows the location where wormhole attacks occurs.

 Sybil attack

Sybil attack refers to the multiple copies of malicious nodes. It can occur when the malicious node shares its secret key with other malicious nodes. This way the number of malicious node is increased in the network and the probability of the attack is also increased. It was originally described as an attack intended to defeat the objective of redundancy 286 Sustainable Wireless Sensor Networks mechanisms in distributed data storage systems in peer-to-peer networks [15].

The identities established by a Sybil attacker, whether represented by IP addresses, MAC addresses, or public keys differ from those of an honest node in several ways. Because the resources of a single node are used to simulate multiple identities, any particular assumed identity is resource constrained in computation, storage, or bandwidth. However, unlike separate entities, all identities of a Sybil attacker must share the same set of resources, and this sharing can be detected in some scenarios.

 Routing Attacks

[image:3.612.48.284.337.488.2]

(4)

International Journal of Emerging Technology and Advanced Engineering

186

The first is aimed at blocking the propagation of routing information to a node. The latter is aimed at disturbing the packet delivery against a predefined path.

In our study we have used the performance results published by several researchers and analyzed them. On the basis of these results, we conclude collaborative attacks in table 1:

TABLE 1

COMPARISON OF COLLABORATIVE ATTACK

IV. SIMULATION RESULTS

[image:4.612.328.561.211.382.2]

1) From table-1 it is clear that the black hole and worm hole attacks are mainly affects the performance of MANET.

Table 2 Simulation Parameters

PARAMETERS VALUES

Simulation time 600 seconds

Simulation area (m x m) 500 × 500

Number of Nodes 10 to 60

Transmit Power(W) 0-005

Packet size (bits) 1024 MB

Pause time 100 seconds

Performance Matrix Packet Delivery Ratio, and End-to-end delay

Mobility Speed 0 to 20 meter/second

In this section we have analyzed the performances of black-hole and worm hole attacks results of several researchers using OPNET simulator.

Further, we compared these results using Origin software and presented the depth performance analysis and collision analysis of black hole and worm hole attacks on different states over MANETs. We have considered the performances of the AODV in different network conditions.

Figure 4: No of Black hole nodes Vs Packet Delivery Ratio (Sent/Receive)

[image:4.612.49.291.241.389.2]

In Figure 4, the average Packet Delivery Ratio (PDR) of all the comparing AODV routing protocols are shown with the increase in the number of attackers in the network. It can be shown that as the number of black hole attacker‘s increases in the network, the Packet Delivery Ratio (PDR) for AODV decreases significantly.

Figure 5: No of Worm hole nodes Vs Packet Delivery Ratio (Sent/Receive)

[image:4.612.52.285.474.677.2] [image:4.612.329.566.492.650.2]

(5)

International Journal of Emerging Technology and Advanced Engineering

187

[image:5.612.51.288.190.341.2]

It can be shown that as the number of Worm hole attacker‘s increases in the network, the Packet Delivery Ratio (PDR) for AODV decreases significantly but less in comparison to Black Hole Nodes.

Figure 6: No of Black hole and worm hole nodes Vs Packet Delivery Ratio (Sent/Receive)

In Figure 6, we compare the network using AODV routing protocol. It shows the performance in terms of Packet Delivery Ratio (PDR). As number of Black hole and Worm hole attackers increases, Packet Delivery Ratio decreases significantly but in above graph we found that the Black hole attacks are high in comparison to worm hole attacks.

V. CONCLUSION AND FUTURE RESEARCH DIRECTION

In this paper, we have studied different types of attacks and introduced the collaborative attacks. On the basis of this study, we concluded that black hole attack is a powerful attack that can have serious cost on many proposed Mobile ad hoc network. The block hole attack affect the performances of several MANET applications. These attacks mainly target on the way of the data packets and hack it. So due to this accurate information cannot be delivered to the desired destinations and performance of network also decreased significantly. So, in future different routing protocols for MANET can also be studied to perform comparative study so that the comparative results can further be used to enhance the performance of routing protocols for MANET to prevent Black hole attacks.

REFERENCES

[1] Kakoty et al, Simulation and Analysis of Blackhole Attack in MANETs for Performance Evaluation, International Journal of Latest Trends in Engineering and Technology (IJLTET), Vol. 2 Issue 1, January 2013, pp.186-192.

[2] Singh Umesh Kumar et al, An analysis of Security Attacks found in Mobile Ad-hoc Network, International Journal of Advanced Research in Computer Science, Volume 5, No. 5, 2014, pp-34-39

[3] Shendurkar M., Nitin R.Chopde, A Review of Black Hole and Worm Hole Attack on AODV Routing Protocol in MANET, International Journal of Engineering Trends and Technology (IJETT) – Volume 9 Number 8 - Mar 2014, pp. 394-399.

[4] Z. Karakehayov, ―Using REWARD to Detect Team Black- Hole Attacks in Wireless Sensor Networks,‖ Wksp. Real-World Wireless Sensor Networks, June 20–21, year 2005, pp. 101-106.

[5] S. Kurosawa et al., ―Detecting Black hole Attack on AODV Based Mobile Ad Hoc Networks by Dynamic Learning Method,‖ Proc. Int‘l. J. Network Sec., year 2006, pp.21-27.

[6] B.Kannhavong, H.Nakayama, Y.Nemoto, N.Kato, A. Jamalipour, "A survey of routing attacks in mobile ad hoc networks",Wireless Communications, IEEE, year 2007.

[7] Hoang Lan Nguyen, Uyen Trang Nguyen, "A study of different types of attacks on multicast in mobile ad hoc networks", Volume 6, Issue 1, January 2008, Pages 32–46.

[8] Sharma S., Gupta R., ―Simulation study of blackhole attack In the mobile ad hoc networks‖, Journal of Engineering Science and Technology Vol. 4, No. 2 , year 2009.

[9] Upadhyay S., Chaurasia B.K. ―Impact of Wormhole Attacks on MANETs‖International Journal of Computer Science & Emerging Technologies (E-ISSN: 2044- 6004) 77 Volume 2, Issue 1, February 2011.

[10] Siwach R., Kaul V. ―A Study of Manet and Wormhole Attack in Mobile Adhoc Network‖ International Journal of Computer Science and Mobile Computing (IJCSMC), Vol. 2, Issue. 6, June 2013, pg.413 – 420

[11] Sharma K., Khandelwal N., Prabhakar M. ―An Overview Of security Problems in MANET‖, pp.-1-5.

[12] Bing Wu, Jianmin Chen, Jie Wu, Mihaela Cardei, A Survey on Attacks and Countermeasures in Mobile Ad Hoc Networks, WIRELESS/MOBILE NETWORK SECURITY Y. Xiao, X. Shen, and D.-Z. Du (Eds.), year-2006 Springer, pp. 1-38.

[13] C. K. Nagpal, Chirag Kumar, Bharat Bhushan, Shailender Gupta, A Study of Black Hole Attack on MANET Performance, I.J.Modern Education and Computer Science, 2012, pp. 47-53.

[14] Kaushik N., Dureja A., International Journal of Electronics and Communication Engineering & Technology (IJECET), Volume 4, Issue 2, March – April (2013), pp. 141-146.