Prevention of Black Hole Attack in Mobile Ad-hoc Networks using MN-ID Broadcasting

Transcription

1 Vol.2, Issue.3, May-Jue 2012 pp ISSN: Prevetio of Black Hole Attack i Mobile Ad-hoc Networks usig MN-ID Broadcastig Atoy Devassy 1, K. Jayathi 2 *(PG scholar, ME commuicatio Systems, SNS College of Techology, Coimbatore, Idia) ** (Associate professor, Departmet of ECE, SNS College of Techology, Coimbatore, Idia) ABSTRACT Black hole is a malicious ode that always gives the false replay for ay route request without havig specified route to the destiatio ad drops all the received packets. This ca be easily employed by exploitig vulerability of o demad routig protocol AODV. I mobile Ad hoc etworks black hole attack is a severe threat which ca be preveted by broadcastig the MN-ID (malicious ode id) to the whole odes i the etwork. The existig method idetified the attacked ode, retrasmit the packets ad agai fid a ew route from source to destiatio. Here the proposed method broadcast the MN- ID to the whole odes i the etwork. This method prevets the black hole attack imposed by both sigle ad multiple black hole odes. The tool used to implemet the proposed algorithm is NS2, which is a object orieted evet drive software package. The result of the simulatio study expected to get good etwork performace by miimizig the packet losses as well as effectively prevet the black hole attack agaist mobile Ad hoc etworks. Keywords- Ad-hoc, AODV, Blackhole, MN-ID 1. INTRODUCTION A mobile ad hoc etwork (MANET)[5] is a collectio of wireless mobile odes which have the ability to commuicate with each other without havig fixed etwork ifrastructure or ay cetral base statio. It is oe of the recet active fields ad has received spectacular cosideratio because of their selfcofiguratio ad self-maiteace. Early research assumed a friedly ad cooperative eviromet of wireless etwork. As a result they focused o problems such as wireless chael access ad multihop routig. Sice mobile odes are ot cotrolled by ay other cotrollig etity, they have urestricted mobility ad coectivity to others. Routig ad etwork maagemet are doe cooperatively by each other odes. Due to limited trasmissio power, multi hop architecture is eeded for oe ode to commuicate with aother through etwork. I this multi hop architecture, each ode works as a host ad as well as a router that forwards packets for other odes that may ot be withi a direct commuicatio rage. Each ode participates i a ad hoc route discovery protocol which fids out multi hop routes through the mobile etwork betwee ay two odes. These ifrastructure-less mobile odes i ad hoc etworks dyamically create routes amog themselves to form ow wireless etwork o the fly. Wireless ad-hoc etworks are composed of autoomous odes that are self- maaged without ay ifrastructure. I this way, ad-hoc etworks have a dyamic topology such that odes ca easily joi or leave the etwork at ay time. Ad hoc etwork have may potetial applicatios, especially, i military ad rescue areas such as coectig soldiers o the battlefield or establishig a ew etwork i place of a etwork which collapsed after a disaster like a earth quake. Ad-hoc etworks are suitable for areas where fixed ifrastructure is ot possible. Sice the odes commuicate with each other without a ifrastructure, they provide the coectivity by forwardig packets over themselves. To support this coectivity, odes use some routig protocols such as AODV (Ad-hoc O-Demad Distace Vector), DSR (Dyamic Source Routig) ad DSDV (Destiatio-Sequeced Distace-Vector). Besides actig as a host, each ode also acts as a router to discover a path ad forward packets to the correct ode i the etwork..i wireless ad-hoc etworks lack a ifrastructure ad such etworks are exposed to a lot of attacks. Oe of these attacks is the Black Hole attack. I the Black Hole attack [2][4][7], a malicious ode absorbs all data packets i itself, similar to a hole which sucks i everythig i. I this way, all packets i the etwork are dropped. A malicious ode droppig all the traffic i the etwork makes use of the vulerabilities of the route discovery packets of the o demad protocols, such as AODV. Which is used for idetifyig a fresh route from the source to destiatio? 2. AD-HOC ROUTING PROTOCOLS AND BLACK HOLE ATTACK A ad-hoc routig protocol[8] is a covetio, or stadard, that cotrols how odes decide which way to route packets betwee computig devices i a mobile ad hoc etwork. Beig oe of the category of ad-hoc routig protocols, o-demad protocols such as AODV [4] (Adhoc O demad Distace Vector) ad DSR (Dyamic Source Routig) establish routes betwee odes oly whe they are required to route data packets. AODV is oe of the most commo ad-hoc routig protocols used for mobile ad-hoc etworks. As its ame idicates AODV is a o-demad routig protocol that discovers a route oly whe there is a demad from mobile odes i the etwork. I a ad-hoc etwork that uses AODV[4][6] as a routig protocol, a mobile ode that wishes to commuicate with other ode first broadcasts a RREQ (Route Request) message to fid a fresh route to a desired destiatio ode. This process is called route discovery Page

2 Vol.2, Issue.3, May-Jue 2012 pp ISSN: Every eighborig ode that receives RREQ broadcast first saves the path the RREQ was trasmitted alog to its routig table. It subsequetly checks its routig table to see if it has a fresh eough route to the destiatio ode provided i the RREQ message. The freshess of a route is idicated by a destiatio sequece umber that is attached to it. If a ode fids a fresh eough route, it uicast a RREP (Route Reply) message back alog the saved path to the source ode or it re-broadcasts the RREQ message otherwise. Route discovery is a vulerability of o-demad ad-hoc routig protocols, especially AODV, which a adversary ca exploit to perform a black hole attack o mobile ad-hoc etworks. A malicious ode i the etwork receivig a RREQ message replies to source odes by sedig a fake RREP message that cotais desirable parameters to be chose for packet delivery to destiatio odes. After promisig (by sedig a fake RREP to cofirm it has a path to a destiatio ode) to source odes that it will forward data, a malicious ode starts to drop all the etwork traffic it receives from source odes. This deliberate droppig of packets by a malicious ode is what we call a black hole attack. The RREQ messages ad RREP messages are show i the figure2 ad figure3. Fig 1: RREQ messages Fig 3: Blackhole I black hole attack all etwork traffics are redirected to a specific ode which does ot exist at all. Because traffics disappear ito the special ode as the matter disappears ito Blackhole i uiverse. So the specific ode is amed as a Blackhole. A Blackhole has two properties[5]. First, the ode exploits the ad hoc routig protocol, such as AODV, to advertise itself as havig a valid route to a destiatio ode, eve though the route is spurious, with the itetio of iterceptig packets. Secod, the ode cosumes the itercepted packets. Blackhole attacks i AODV protocol routig level ca be classified ito two categories: RREQ Blackhole attack ad RREP Blackhole attack. 2.1 Black Hole Attack Caused By RREQ A attacker ca sed fake RREQ messages to form Black hole attack [2]. I RREQ ode address. Other odes will update their route to pass by the o-existet ode to the destiatio ode Fig 2:RREP messages Back hole is a malicious ode that falsely replies for ay route requests without havig active route to specified destiatio ad drops all the receivig packets. If these malicious odes work together as a group the the damage will be very serious. This type of attack is called cooperative black hole attack[5][9]show i figure3. Fig 4: Blackhole Formed By Faked RREQ As a result, the ormal route will be broke dow. The attacker ca geerate Blackhole attack by faked RREQ. The attacker forms a Blackhole attack betwee the source ode ad the destiatio ode by faked RREQ message as it is show i Figure Blackhole Attack Caused By RREP The attacker uicasts the faked RREP[1] message to the origiatig ode. Whe origiatig ode receives the faked RREP message 1018 Page

3 Vol.2, Issue.3, May-Jue 2012 pp ISSN: ode that set data packets through oe of its eighbors. I additio, if ay ode fids out the reliable path to destiatio which it eeds to sed the data, DRI table is updated with etries for all itermediate odes through the path. Table 1. Example of DRI table Node Id Data Routig Iformatio From Through Fig 5: Blackhole Caused By Faked RREP it will update its route to destiatio ode through the o-existet ode. The RREP Blackhole[2] is formed as it is show i Figure 5 3. PROTOCOL IMPLEMENTATION Ad-hoc O-Demad Distace Vector (AODV) Routig Protocol[4] is used for fidig a path to the destiatio i a ad-hoc etwork. To fid the path to the destiatio all mobile odes work i cooperatio usig the routig cotrol messages. Thaks to these cotrol messages, AODV Routig Protocol offers quick adaptatio to dyamic etwork coditios, low processig ad memory overhead, low etwork badwidth utilizatio with small size cotrol messages. The most distiguishig feature of AODV compared to the other routig protocols is that it uses a destiatio sequece umber for each route etry. The destiatio sequece umber is geerated by the destiatio whe a coectio is requested from it. Usig the destiatio sequece umber esures loop freedom. AODV makes sure the route to the destiatio does ot cotai a loop ad is the shortest path. Here the AODV itroduce data routig iformatio table ad cross checkig the RREQ ad RREP messages 3.1 Data Routig Iformatio Table Each ode maitais a data routig iformatio (DRI) table[1][2]. This table keeps track of whether or ot the ode did data trasfers with its eighbors. This table cotais oe etry for each eighbor ad idicates whether the ode has set data through this eighbor ad whether the ode has received data from this eighbor. Table etry cotais ode id, from ad through as show i Table 1. The field from stads for iformatio o routig data packets from the ode (i the ode id field) whiles the field through stads for iformatio o routig data packets through the ode (i the ode id field). Values of from ad through fields will be 0 or 1 to represet false ad true respectively. Table 1 shows the sample DRI table for a ode. The etry 1,0 for ode 3 implies that this ode has routed data packets from ode 3 but has ot routed ay data packet through ode 3. The etry 1,1 for ode 6 implies that this ode has successfully routed data packets from ad through ode 6. The etry 0,0 for ode 2 implies that ode has ot routed ay data packets from or through ode 2. This DRI table is updated whe ay ode received data packet from oe of its eighbors or ay I this protocol, if the source ode (SN) does ot have the route etry to the destiatio, ad broadcast a RREQ (Route Request) message to discover a secure route to the destiatio ode same as i the AODV. Ay ode received this RREQ either replies for the request or agai broadcasts it to the etwork depedig o the availability of fresh route to the destiatio. If the destiatio replies, all itermediate odes update or isert routig etry for that destiatio sice the destiatio will be trusted. Source ode also trusts o destiatio ode ad will start to sed data alog the path that reply comes back. Also source ode will update the DRI table with all itermediate odes betwee source ad the destiatio. If the itermediate ode (IN) geerates the Route Reply (RREP), it has to provide its ext hop ode (NHN) ad its DRI etry for the ext hop ode. Whe the reply comes back, it collects the IP addresses of all odes betwee source ad the itermediate ode but o itermediate ode updates the route etry for the destiatio. Upo receivig RREP message from IN, the source ode will check its ow DRI table to see whether IN is a reliable ode or ot. If the source ode has used IN before to route data, the IN is a reliable ode ad source will first sed a route establishmet message to IN ode alog the path that RREP comes accordig to the iformatio cotais i the RREP message. Upo receivig this message all odes betwee the source ad the itermediate ode will update or isert route etry for the destiatio. The source ode starts sedig data through the IN ad updates the DRI table with odes betwee source ad IN ode. If the source has ot routed data through IN before, IN is ot a reliable ode. The source first stores the iformatio about IN ad the odes betwee the source ad IN, ad seds Further Request (FREQ) message to NHN of the IN to verify the reliability of the IN ad ask NHN: If the curret NHN is the destiatio, the the ext hop etry ad the DRI etry for the ext hop fields of FREP cotai zeros ad all itermediate odes will either update or isert route etry for the destiatio. Whe the source receives FREP from destiatio, it starts routig data ad updates its DRI table with all odes 1019 Page

4 Vol.2, Issue.3, May-Jue 2012 pp ISSN: betwee the source ad the destiatio. If NHN is ot the destiatio, based o the FREP message from NHN, the source ode checks whether NHN is a reliable ode or ot. If the source ode has routed data through NHN before, NHN is reliable; otherwise NHN is ureliable. 4. PERFORMANCE METRICS 4.1 Throughput Ratio The throughput is the umber of bytes trasmitted or received per secod. The throughput ratio, deoted by T, is calculated as follows: T r Ti i 1 100% s Ti i 1 (1) 4.2 Average Ed To Ed Delay Average ed-to-ed delay of the applicatio data packets, deoted by D, is calculated as follows; d i i D 1 (2) Where di is the average ed-to-ed delay of data packets of ith applicatio ad is the umber of CBR applicatios. 5. COMPARISON WITH EXISTED METHOD Researchers have proposed various techiques to prevet black hole attack i mobile ad-hoc etworks. H. Weerasighe ad H. Fu[1] itroduces the use of DRI (Data Routig Iformatio) to keep track of past routig experiece amog mobile odes i the etwork ad crosscheckig of RREP messages from itermediate odes by source odes. The mai drawback of this techique is that wheever the black hole ode take part i two or more trasmissio path, each path there is a huge packet losses due to the black hole. Therefore the delay performace is high. 5.1 MN-Id Broadcastig Method I the proposed system, MN-ID broadcastig method is used. I this method oce the malicious ode is idetified, the particular ode id(oly for simulatio, real time ip address is used) is trasmitted to the etire etwork therefore whether the malicious ode take part i two or more path packets does ot move towards the malicious ode because whole odes i the etwork should kow about the malicious ode. Therefore the packets trasamitted through a alterative path from source to destiatio. Fig.6 MN-ID broadcastig method Figure6 shows the MN-ID broadcastig method. Here ode 1 represeted as source 1 ad ode 9 represeted as destiatio 1ad ode 6 is assiged as black hole ode. Whe the packet trasmissio takes place source 1 trasmitted packets to destiatio ode 9. Whe packet reaches o the ode 6 it will drop all the received packets. The the protocol idetify a alterative path to destiatio ad broadcastig the correspodig malicious ode ID (that is ode 6)to the etire odes i the etwork. The actual shortest from ode 4 to ode 5 is Wheever the packet trasmitted from ode 4, the packets are ot trasmitted through the correct shortest path because ode 6 is a black hole ad that particular ode ID is broadcasted to the etire etwork. Hece the packet trasmissio takes place through the path ad reach the proper destiatio. 6. SIMULATION PARAMETERS AND RESULTS The various parameters which are cosidered for etwork simulatio is specified i the table2 Table 2. simulatio parameters Number of odes 50 Packet size Data rate No. of BH odes 2 512bytes 512b/s The existig method (H. Weerasighe ad H. Fu method) simulatio results throughput vs time ad packet delivery ratio vs time is give below. These results are improved by MN-ID broadcastig method Page

5 Vol.2, Issue.3, May-Jue 2012 pp ISSN: CONCLUSION I this paper, we studied the problem of cooperative black hole attacks i MANET routig. The MN-ID broadcastig method provides improved performace of throughput packet delivery ratio ad reduced packet loss comparig with H.Weerasige ad H.Fu method. Therefore MN-ID broadcastig method provide improved etwork performace ad miimum packet loss i the packet trasmissio. Fig6: Throughput vs time MN-ID broadcastig ad DRI method(existig method) The compariso of packet delivery ratio vs time ad packet drop vs time i the MN-id method ad DRI method is give i the fig7 ad fig8. The graph shows that better results i MN-id method Fig7: pdr vs time i MN-ID broadcastig method ad DRI(existig method) method REFERENCES [1] H.Weerasige ad H.Fu(2008) Prevetig Black Hole Attack i Mobile Ad hoc Networks: simulatio, implimetatio ad evaluatio iteratioal joural of software egg. ad its applicatios,vol2,o3 [2] Sajay Ramaswamy, Huirog Fu, Maohar Sreekataradhya, Joh Dixo, ad Kedall Nygard, Prevetio of Cooperative Black Hole Attack i Wireless Ad Hoc Networks, 2003 Iteratioal Coferece o Wireless Networks (ICWN 03), Las Vegas, Nevada, USA [3] Hogmei Deg, Wei Li, ad Dharma P. Agarwal, (2002) "Routig Security i Wireless Ad Hoc Networks", Uiversity of Ciciati, IEEE Commuicatios magazie, Vol.40, No.10 [4] Charles E. Perkis, ad Elizabeth M. Royer, Ad-hoc O-Demad Distace Vector (AODV) Routig, IteretDraft, November [5] S. Sharma ad R. Gupta, (2009) Simulatio study of black hole attack i the mobile ad-hoc etworks, joural of egieerig sciece ad techology, vol. 4, o. 2 pp [6] LathaTamilselva,Dr.VSakaraarayaa Prevetio of Co-operative Black Hole Attack i MANET, Joural Of Networks, Vol. 3, NO. 5,2008 [7] Jia Yi, Sajay Madria, A Hierarchical Secure Routig Protocol agaist Black Hole, IEEE SUTC 2006 Taiwa, 5-7 Jue 2006 [8] Dokurer, S.; Ert, Y.M.; ad Acar, C.E. (2007). Performace aalysis of ad hoc etworks uder black hole attacks. SoutheastCo, 2007, Proceedigs IEEE, [9] Dr. Karim Koate ad Abdourahime Gaye(2011) a proposal mechaism agaist the attacks: cooperative black hole, blackmail, overflow ad selfish i routig protocol of mobile ad hoc etwork,iteratioaljoural of future geeratio commuicatio ad etworkig Vol. 4, No. 2 Fig 8: packet drop vs time i MN-ID broadcastig method ad DRI(existig method) method 1021 Page