202
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
Volume-5, Issue-2, April-2015
International Journal of Engineering and Management Research
Page Number: 202-206
Comparative Analysis of Black Hole Attack in MANE
ABSTRACT
MANET is a network, which is very popular due to its unique characteristics from all the other types of networks. Generally, in this type of network the security is missing due to its infrastructure less nature. The node causes cheating during the transmission process in the network Most MANET routing protocols are vulnerable to attacks that can freeze the whole network. Thus these may affects the performance of the network. Black hole attack is one of the possible attacks in MANET. In black hole attack, a malicious node sends the route reply message to the source node in order to advertise itself for having the shortest path to the destination node. The malicious node reply will be received by the requesting node before the reception of the any other node in the network. When this route is created, malicious node receives the data packet, now it’s up to the malicious node whether to drop all the data or forward it to the unauthenticated nodes. In this paper, we give an overview of attacks according to the protocols stacks, and to security attributes and mechanisms.
Keywords— MANET, Security, Attacks, Network
I.
INTRODUCTION
ireless ad hoc networks draw lots of attentions in recent years due to its potential applications in various areas. Among the various network architectures, design of the mobile ad hoc networks (MANET) plays an important role. Such a network can either operate in a standalone fashion with the ability of self-configuration and no clock synchronization mechanism. Mobile Ad-hoc networks are self-organizing and self-configuring multi-hop wireless networks where, the structure of the network changes dynamically. No base stations are supported in such an environment, and mobile hosts may have to communicate with each other in a multi-hop fashion.
Minimal configuration and fast deployment make MANETs suitable for emergency situations like natural or human-induced disasters and military conflicts. The performance of a mobile ad hoc network mainly depends on
the routing scheme. In Ad-hoc networks require multi-hop routing and all nodes can potentially contribute in the routing protocols.
Routing is the moving information from a source to a destination in an in network. At least one intermediate node within the internetwork is encountered during the transfer of information. Mainly two activities are involved in this concept. determining optimal routing paths and transferring the packets through an internetwork. The transferring of packets throughout an internetwork is called as packet switching which is straight forward, and the path determination might be very complex.
Figure:1 Black Hole Attack
Routing is mainly classified into static routing and dynamic routing. Static routing is the routing strategy being stated manually or statically, in the router. Static routing maintains a routing table usually written by a networks administrator. And dynamic routing is that routing strategy that is being learnt by an interior or exterior routing protocol.
II. AN OVERVIEW OF RELATED WORK
There are plenty and different routing protocols in MANET and kinds of investigations have been completed in recent decades [1, 2]. In this section, we introduce the famous and popular routing protocols in MANET. Before a Nithya.S1, Sivaraja.S2 & Sindhu.S3
1
Assistant Professor ECE, KPR Institute of Engineering & Technology, Coimbatore, INDIA
2
Student I ME (CSE), Kathir College of Engineering & Technology, Coimbatore, INDIA
3
W
203
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
mobile node wants to communicate with a target node, itshould broadcast its present status to the neighbors due to the current routing information is unfamiliar. According to how the information is acquired, the routing protocols can be classified into proactive, reactive and hybrid routing.
The proactive routing is also called table-driven routing protocol. In this routing protocol, mobile nodes periodically broadcast their routing information to the neighbors. Each node needs to maintain their routing table which not only records the adjacent nodes and reachable nodes but also the number of hops. In other words, all of the nodes have to evaluate their neighborhoods as long as the network topology has changed. Therefore, the disadvantage is that the overhead rises as the network size increases, a significant communication overhead within a larger network topology.
However, the advantage is that network status can be immediately reflected if the malicious attacker joins. The most familiar types of the proactive type are destination sequenced distance vector (DSDV) [3] routing protocol and optimized link state routing (OLSR) [4] protocol.
The reactive routing is equipped with another appellation named on-demand routing protocol. Unlike the proactive routing, the reactive routing is simply started when nodes desire to transmit data packets. The strength is that the wasted bandwidth induced from the cyclically broadcast can be reduced. Nevertheless, this might also be the fatal wound when there are any malicious nodes in the network environment. The weakness is that passive routing method leads to some packet loss. Here we briefly describe two prevalent on-demand routing protocols which are ad hoc on-demand distance vector (AODV) [5] and dynamic source routing (DSR) [6] protocol. AODV is constructed based on DSDV routing. In AODV, each node only records the next hop information in its routing table but maintains it for sustaining a routing path from source to destination node. If the destination node can’t be reached from the source node, the route discovery process will be executed immediately In the route discovery phase, the source node broadcasts the route request (RREQ) packet first. Then all intermediate nodes receive the RREQ packets, but parts of them send the route reply (RREP) packet to the source node if the destination node information is occurred in their routing table. On the other hand, the route maintenance process is started when the network topology has changed or the connection has failed. The source node is informed by a route error (RRER) packet first. Then it utilizes the present routing information to decide a new routing path or restart the route discovery process for updating the information in routing table. The design idea of DSR is based on source routing. The source routing means that each data packet contains the routing path from source to destination in their headers.
Unlike the AODV which only records the next hop information in the routing table, the mobile nodes in DSR maintain their route cache from source to destination node. In terms of the above discussion, the routing path can be determined by source node because the routing information is recorded in the route cache at each node. However, the performance of DSR decreases with the mobility of network
increases, a lower packet delivery ratio within the higher network mobility.
Hybrid Routing Protocol: The hybrid routing protocol combines the advantages of proactive routing and reactive routing to overcome the defects of them. Most of hybrid routing protocols are designed as a hierarchical or layered network framework. In the beginning, proactive routing is employed to completely gather the unfamiliar routing information, then using the reactive routing to maintain the routing information when network topology changes. The familiar hybrid routing protocols are zone routing protocol (ZRP) [7] and temporally-ordered routing algorithm (TORA) [8].
III.
ROUTING PROTOCOLS FOR
MOBILE AD HOC NETWORKS
MANET routing protocols are categorized into three Main categories depending upon the criteria when the source node possesses a route to the destination, as shown in figure 1.
1. Table driven/ Proactive
2. Source initiated (demand driven) / Reactive 3. Hybrid
. Figure:2 Types of Routing Protocols
Table Driven Protocol:
Table driven also known as proactive protocols maintain reliable and up to date routing information between all the nodes in an ad hoc network. In this each node builds its own routing table which can be used to find out a path to a destination and routing information is stored. Whenever there is any variation in the network topology, updating has to be made in the entire network. Some of the main table driven protocols are:
1. Optimized Link State Routing protocol (OLSR)
2. Dynamic Destination sequenced Distance vector routing (DSDV)
3. Wireless routing protocol (WRP) 4. Fish eye State Routing protocol (FSR) 5. Global State Routing (GSR)
204
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
Table :1 Comparison of Table Driven Routing ProtocolsOn-Demand Routing Protocols
On-demand routing protocols were designed to reduce the overheads in Table-Driven protocols by maintaining information for active routes only. When a node requires a route to a destination, it initiates a route discovery process within the network.
This process is completed once a route is found or all possible route permutations have been examined. Once a route has been established, it is maintained by a route maintenance procedure until either the destination becomes inaccessible along every path from the source or until the route is no longer desired. Route discovery usually occurs by flooding a route request packets through the network. When a node with a route to the destination (or the destination itself) is reached a route reply is sent back to the source node using link reversal if the route request has traveled through bidirectional links or by piggy-backing the route in a route reply packet via flooding.
On-Demand routing protocols can be classified into two categories: source routing and hop-by-hop routing. In Source routed on-demand protocols each data packets carry the complete path from source to destination. Therefore, each intermediate node forwards these packets according to the information in the header of each packet. The major drawback with source routing protocols is that in large networks they do not perform well. This is due to two main reasons; firstly as the number of intermediate nodes in each route grows, then so does the probability of route failure.
Secondly, as the number of intermediate nodes in each route grows, then the amount of overhead carried in each header of each data packet will grow as well. In hop-by-hop routing each data packet only carries the destination address and the next hop address. Therefore, each intermediate node in the path to the destination uses its routing table to forward each data packet towards the destination.
The advantage of this strategy is that routes are adaptable to the dynamically changing environment of MANETs, since each node can update its routing table when they receiver fresher topology information and hence forward the data packets over fresher and better routes. Using fresher routes also means that fewer route recalculations are required during data transmission.
The disadvantage of this strategy is that each intermediate node must store and maintain routing
information for each active route and each node may require being aware of their surrounding neighbors through the use of beaconing messages.
Some of the main On Demand Routing Protocols as Follows:
1. Ad hoc On Demand Distance Vector (AODV) 2. Dynamic Source routing protocol (DSR) 3. Temporally ordered routing algorithm (TORA) 4. Associativity Based routing (ABR)
Table: 2 Comparison between Table Driven & On Demand Routing Protocols
Hybrid Routing Protocols:
This type of routing protocols combines the features of both the previous categories. Nodes belonging to a particular geographical region are considered to be in same zone and are proactive in nature. Whereas the communication between nodes located in different zones is done reactively. The different types of Hybrid routing protocols are:
1. Zone routing protocol (ZRP)
2. Zone-based hierarchical link state (ZHLS) 3. Distributed dynamic routing (DDR
IV. ROLE OF ATTACKS IN MANET
MANETs often experience unusual security attacks because of their following features such as dynamically changing topology, lack of central monitoring, mutual algorithms and absence of a centralized certification authority etc. Generally mobile ad hoc networks are affected by two kinds of attacks which are classified as passive and active. Passive attacks do not affect the functionality of network, but may attempt to find out vital information by listening to traffic .
205
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
data by adding random packets and force to interrupt theoperation of network.
The main purpose is to pull all packets towards the attacker for analysis or to obstruct the network communication. Such attacks can be detected and the nodes can be identified. Passive attacks can be debarred using various encryption mechanisms. Only active attacks can be accepted out at routing level. These can either be inner outer. Inner attacks can be passive and active. Passive attacks are unauthorized disruption of the routing packets and active attack is from outside sources to degrade or damage message flow within the network nodes .
In order to combat these attacks a secure ad hoc environment should provide confidentially, integrity, authenticity, availability and non-repudiation. The following are few attacks based on routing mechanisms Worm Hole: It is also a network layer attack in which two malicious nodes that is part of foreign private network record packets at one location in the network, rebroadcast them to another location through their private network and retransmits them into the network Black Hole: It is a network layer attack in which all the packets are dropped by sending fake packets. The attacker node advertises itself and declares having the shortest path to the destination. All the nodes start forwarding packets to this node and then the malicious node just drops all the incoming packets. Black hole attack mainly attacks AODV protocol.
Black hole problem in MANETS is a serious security problem to be solved. In this problem, a malicious node uses the routing protocol to advertise itself as having the shortest path to the node whose packets it wants to intercept. 1) INTERNAL BLACKHOLE ATTACK
In this attack malicious node fits in between the routes of source and destination. As its present internally so this node make itself an active data route element. Now that node is capable of conducting attack in network. Internal attack is more sever then external attack.
2) EXTERNAL BLACK HOLE ATTACK
External attacks physically stay outside of the network and deny access to network traffic or creating congestion in network or by disrupting the entire network. External attack can become a kind of internal attack when it take control of internal malicious node and control it to attack other nodes in MANET.
In this Malicious node detects the active route and notes the destination address. Then Malicious node sends a route reply packet (RREP) including the destination address field spoofed to an unknown destination address. Hop count value is set to lowest values and the sequence number is set to the highest value.
Malicious node send RREP to the nearest available node which belongs to the active route. This can be sent directly to the data source node if route is available. The RREP received by the nearest available node to the malicious node will relayed via the established inverse route to the data of source node.
The new information received in the route reply will allow the source node to update its routing table. New route selected by source node for selecting data. The malicious
node will drop now all the data to which it Belong in the route because is presented inside the network.
SINGLE BLACK HOLE ATTACK
AODV route discovery mechanism is based on RREQ/RREP messages. Source node broadcasts the RREQ message to its neighbors. Either the destination or intermediate node sends RREP.
The RREP received first by source node is accepted and all further RREPs are discarded. Black hole node takes benefit of this feature of AODV and sends RREP first even without checking its routing table. In this way, a route through black hole node is setup and black hole node consumes all the forwarded packets
Figure: 3 Single Black Hole Attack
COOPERATIVE BLACK HOLE ATTACK
According to the original AODV protocol, when source node S wants to communicate with the destination node D, the source node S broadcasts the route request (RREQ) packet. The neighboring active nodes update their routing table with an entry for the source node S, and check if it is the destination node or has a fresh enough route to the destination node.
If not, the intermediate node updates the RREQ (increasing the hop count) and floods the network with the RREQ to the destination node D until it reaches node D or any other intermediate node which has a fresh enough route to D, as depicted by example in below Figure
206
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
Figure 4: Cooperative black hole attackV. CONCLUSION AND FUTURE WORK
In this paper we have studied the various routing protocols & its security issues of MANETs, described comparative analysis of single black hole & cooperative black hole attack that can be mounted against a MANET. As future work, we intend to develop some solutions to prevent these types of attacks & provide few simulations to analyze the performance of the proposed solution.
REFERENCES
[1]Royer EM, Toh C-K (1999) A Review of Current Routing Protocols for Ad Hoc Mobile Wireless Networks. IEEE PersonalCommunications 6(2):46–55. doi: 10.1109/98.760423
[2] Sanzgiri K, Dahill B (2002) A Secure Routing Protocol for Ad Hoc Networks. Paper presented at the 10th International Conference on Network Protocols, Paris, France, 12-15 November 2002
[3]Perkins CE, Bhagwat P (1994) Highly Dynamic Destination-Sequenced Distance-Vector Routing (DSDV) for Mobile Computers. Paper presented at the ACM SIGCOMM’94 Conference, London, United Kingdom, August 31 - September 2,
1994
[4]. Jacquet P, Muhlethaler P, Clausen T, Laouiti A, Qayyum A, Viennot L (2001) Optimized Link State Routing Protocol forAd Hoc Networks. Paper presented at the IEEE International Multi Topic Conference, Lahore, Pakistan, 28-30 December 2001
[5]Perkins CE, Royer EM (1999) Ad-hoc On-Demand Distance Vector Routing. Paper presented at the Second IEEE
Workshop on Mobile Computing Systems and Applications, New Orleans, Louisiana, 25-26 February 1999
[6]. Johnson DB, Maltz DA (1996) Dynamic Source Routing in Ad Hoc Wireless Networks. In: Imielinski T, Korth H (eds)Mobile Computing, vol 353. Kluwer Academic Publishers, pp 153–181
[7]Haas ZJ, Pearlman MR, Samar P (2002) The zone routing protocol (ZRP) for ad hoc networks. IETF Internet Draft
[8] Park V, Corson S (1998) Temporally-Ordered Routing Algorithm (TORA) Version 1 Functional Specification. Internet Draft,Internet Engineering Task Force MANET Working Group
[9]Mohammad Al-Shurman and Seong-Moo Yoon and Seungjin Park, “Black Hole Attack in Mobile Ad HocNetworks”
