Advances in Wireless and Mobile Communications. ISSN 0973-6972 Volume 10, Number 4 (2017), pp. 747-756 Research India Publications http://www.ripublication.com Prevention/Detection Methods of Black Hole Attack: A Review Veerpal Kaur M. Tech. Research Scholar (Computer Science & Engineering), Yadavindra College of Engineering, Punjabi University Guru Kashi Campus, Talwandi Sabo, Bathinda, Punjab, India. Simpel Rani Associate Professor (Computer Science & Engineering), Yadavindra College of Engineering, Punjabi University Guru Kashi Campus, Talwandi Sabo, Bathinda, Punjab, India. Abstract A mobile ad hoc networks (MANETs) are continuously self-composition, infrastructure-less network of mobile devices connected wirelessly. Each device in MANETs is free to move unrestrictedly in any direction, so many attacks are possible in MANETs. In MANETs obtain various types of security active attacks like, warm, grey and sink attacks. Black attack is a type of attacks, in which a malicious node declares itself a shortest path during routing discovery and deflects the data towards malicious node. Malicious node dropped data or its desired destination else of original destination. In this paper, centralize of various prevention and detection methods for the attack. 1. INTRODUCTION MANETs are combination of wireless hosts that can be immediately arranged as a multi-hop packet radio network except the help of any fixed infrastructure or centralized administrator [1]. The network Architecture is gathering into main three parts [14]:
748 Veerpal Kaur and Simpel Rani Enabling Technologies. Networking. Middleware and applications. Determined by their coverage area, these technologies are categories into various classes: Body (BAN), Personal (PAN), local (LAN), metropolitan (MAN) and wide (WAN) area networks [15]. In MANETs, main features of the networking protocols need to be re-create for the self-organizing, dynamic, volatile, peer-to peer communication environment. In the previous year s military applications of MANETs have also grown up really since then very importantly in past few years, with rapid development of mobile ad hoc networks have attached big attention and be interesting from popular business manufacturing, as well as the standard community. 1.1 MANETs challenges The following list of issues indicates the deficiencies and conditions that have to be overcome in a MANETs environment [16]: a) Restricted wireless transmission range: The radio group will be restricted in the wireless networks and it can provide result much overwhelm than what a bound network can provide. b) Time-varying wireless link characteristics: Wireless channel is responsible to a range of broadcast shuffle such as path harm, declining channel and slowing. These features restrict data rate and consistency of these wireless transmissions. c) losses: Ad hoc wireless networks provide very advance packet damage due to transmission errors such as, unimaginable bit error rate (BER) in the wireless channels. d) Battery Restriction: Ad hoc networks provide limited resources that arrange main problem on mobile devices. Nodes which are connected in such network provide restriction on direction and capacity of node. e) Routing: In MANET the routing is main challenge because performance reduce due to unicasting and multicasting demand keep by the network nodes. It s due to quickly change in network topology and different mobility speeds. f) Security: Security is main challenge in MANET, due to its wireless environment. In, MANET the data is transferred between nodes freely, so many attacks are possible in MANET. g) Quality of service: In MANET, nodes are demand to different quality levels so quality of service is very important in network. But it s very difficult task to provide different level according to quality of service so these networks need to best control.
Prevention/Detection Methods of Black Hole Attack: A Review 749 1.2 MANETs Security There are two main situations in MANETs security: security services and various Attacks. Security Services prefer to procedures that make a network more secure. There are five important security services are: Availability, Authentication, Data confidently, integrity and non-repudiation [17,18].where attacks are use weaknesses of network to break the security of services, some serious attacks in MANETs are like Black attack, Worm attack, Byzantine attack, Snooping attack, Routing attack,session hijacking, Denial of service, Jamming attack etc. 2. BLACK HOLE ATTACK In a attack a malicious node attract the data packets by declare a falsely, fresh path to reach destination [8, 9]. But it absorbs the data packets and not forward packets to destination. In cooperative attack malicious nodes work together in a team [1]. 1 2 S 3 D 4 B1 5 B2 Drop packet RR RR Data Figure 1. Black attack in network [8] Here an example, which shows a fired attack in a network is shown in Figure 1. Where S is a source node and D is a destination node, Nodes 1,2,3,4 and 5 are performs as the intermediate nodes and 4(B1) and 5(B2) Nodes are act as cooperative nodes. When source node wants to send a data packet to destination then it send RREQ message to all neighbor nodes. Here the malicious nodes also part of the network and receives the RREQ message. Then malicious nodes immediately send the RREP message that reach at destination through B1.When
750 Veerpal Kaur and Simpel Rani source node receives the RREP starts the data packets send to B1 continously.b1 drops the data packet, instead send it to destination. Thus the data packet is loosed and never reaches to destination. 3. RELATED WORK Sen et al. [1] proposed a technique to detect the cooperative attack in MANETs. In technique used two concepts to modify the AODV protocol. One is DRI (data routing information) table and another one is cross checking. Each node maintains a DRI table. In DRI table have information about true or false values [1]. In cross checking when source node (SN) broadcast a RREQ message to find a short and secure path, then intermediate nodes transmits RREP to provide information about its DRI table. BY using this mechanism delivery ratio is increased 38% to 55%. Resulting an average improvement of 17%, but performance is decreased [1]. Ren et al.(2010) described a technique to detect attack by using packet exchange recording in disruption tolerant networks. In this technique, two tables RRT (receiving record table) and SRT (self-record table) used to keep the record of exchanged packets.rrt have the packet exchanged record of that node which sends the RREP and SRT have packet exchange record of that node which sends the RREQ.by using this technique detect insider attack efficiently with high detection rate and low positive rate [2]. Esmaili et al. [3] purposed a scheme to analysis the performance of AODV protocol by using OPNET simulator, under attack. In this paper discuss two approaches to secure MANET. First is the securing ad-hoc routing by using various protocols like DSR (dynamic source routing), DSDV (destination sequence distance vector), ARAN (authenticated routing certificate process), TRP (real time transfer protocol) etc. Second one is, intrusion detection system provide a mechanism in which each intermediate node sends back the next hop information with RREP massage. By using this approaches packet delivery ratio is increased but PDR reduces the remarkably in presence of attacks [3]. Mohite and Ragha [4] described mechanism to detect cooperative attack by using cooperative security agents. In mechanism take three concepts, first is SRT and RRT Tables, second one is data routing information and third is cooperative security agents by using the combination of three methods, malicious nodes detect effectively and mitigate the negative impact caused by and cooperative attack [4]. Al-Shurman et al. [5] purposed two techniques to detect the attack. First technique is based on RREP packet arrives from more than two nodes. This method is secure but longer time delay. Second technique is based on send RREP with record of Last-packet sequence numbers. Second method is fast, reliable and reduces the overhead in network. But this method is not secure because sometimes malicious node can listen to channel and Update their tables.
Prevention/Detection Methods of Black Hole Attack: A Review 751 Osathanunkul and Zhang [6] purposed a scheme to detect attack by using S-ETX (secure-expected transmission count). S-ETX is improved version of ETX. Two modifications is done in S-TEX, first is df and dr values calculated by initiator and second is keep record by initiator which packets are received. By using SETX the performance is increased and cost overhead is also reduced. Raj and Swadas [7] described DPRAODV (Detection, prevention and Reactive AODV) to detect and prevent the attack. In DPRAODV, when AODV receive RREP then it checks the sequence number of node. If sequence number is grater than threshold value then surmise a malicious node, and add it in a block list, and ALRAM packet is send to another neighbor nodes by using DPRAODV packet delivery ratio is increased and normalized overhead of routing, but increases the traffic load. Tamilselvan and Sankaranarayanan [8] purposed a mechanism isolate the attack by using Fidelity Table concept. Fidelity table keep the record fidelity level of nodes. If fidelity level is less than threshold value then it declares malicious node. By using this mechanism packet delivery is increased but overhead is increased, due to fidelity table is added. Lu et al. [9] described the SAODV (secure AODV) protocol to provide the more security to AODV. Main difference between them is routing discovery process. By using SAODV protocol packet loss is reduced. In AODV packet loss is 57% but in SAODV 8.132%, so 49% packet loss is reduced. Deng et al. [10] proposed a solution to provide routing security in wireless ad hoc networks. In which, the role of intermediate node is finish, all reply message is send only by the destination node. This solution is effectively only detecting the attack but cooperative attack is not controlled. Kaur and Kalra [11] purposed a verification technique digital signature to detect and prevent of attack. In which at destination TTL scheme is used to select the shortest path from different nodes. At destination node a digital signature column in which have the digital signature of every visiting node. This technique is effectively reduced cooperative attack. Siddiqua et al. [12] proposed a secure knowledge algorithm to prevent the attack in MANETs. In which, every node monitor other all neighboring nodes, and nodes compare information of its neighbor node with its knowledge table. In knowledge table have information about fm & rm values of node. If nodes fm value does match with rm value, that node declare as a malicious node by using this algorithm, finds packet drop reason before claiming node as a node. Manikandon et al. [13] proposed a scheme to remove the selective attack in MANET by using AODV as reactive protocol. A selective attack in MANET refers to an attack by a malicious node coercively produce the route from source to destination by the refutation of sequence number and hop count of the routing message. Proposed scheme based on three concepts Protocol description,
752 Veerpal Kaur and Simpel Rani Selective discovery process and performance analysis. The comparative literature review has been presented in Table 1. Sr. N o Table 1. Literature Review for Detection and Prevention of Black Attack Author 1 J. Sen et.al [1] 2 3 4 Y. Ren et.al [2] Esmaili et.al[3] Mohite et.al[4] Paper Title A Mechanis m for Detection of cooperativ e Black Hole Attack in Mobile adhoc networks Detecting attacks in Disruption Tolerant Networks through Exchange Recording Performan ce Analysis of AODV under attack through use of OPNET Simulator Cooperativ e Security Agents for MANET Method Name DRI Table & cross checking RRT & SRT Tables Securing ad-hoc routing & intrusion-n detection Various cooperative security agents Protoco l Tool Preventi on & Detectio n AODV NS-2 No/Yes PROPH ET NS-2 No/Yes AODV OPNE-T No/Yes AODV NS-2.35 No/Yes Remark delivery ratio is increased by 17% but performa nce is decreased. Detect insider attack efficientl y with high detection rate and low positive rate. delivery is reduced in presence of black attack. Malicious node detects effectivel y and reduces negative impact caused by black
Prevention/Detection Methods of Black Hole Attack: A Review 753 5 6 7 8 Shruman et.al [5] Osathanunkul and Zhang [6] Raj and. Swadas [7] Tamilselvan and Sankaranaray anan [8] 9 Lu et.al [9] 10 11 Deng et.al [10] Kaur and Kalra[11] Black attack in mobile ahhoc networks A Counter Measure to attacks in mobile adhoc networks DPRAOD V:A Dynamic Learning System against attack in AODV based MANET Prevention of Cooperativ e black attack in MANET SAODV: A MANET Routing protocol that can withstand attack Routing Security in wireless ad-hoc networks Detection and Prevention of black RREP Stash Mechanism AODV NS-2 Yes/Yes SETEX Protocol ETX NS-2 No/Yes DPRAODV:Sol ution against attack Prevention of cooperative attack by using Fidelity Table Secure routing protocol- SAODV Modify RREQ and RREP Digital Signature AODV NS-2.33 Yes/Yes AODV GLOMOS IM Yes/Yes AODV NS-2 Yes/Yes AODV NS-2 Yes/Yes AODV MATLAB Yes/Yes attack. Detect single black attack node. Performa nce is increased and cost overhead is also reduced. delivery ratio is increased and normalize d routing overhead. delivery ratio increases but delay is also increased. loss is reduced. Only detect the black attack but not the cooperati ve black attack. Reduced cooperati ve black
754 Veerpal Kaur and Simpel Rani 12 13 Siddiqua et.al [12] Manikandan et.al [13] attack with digital signature Preventing attacks in MANETs using Secure Knowledge Algorithm Removal of Selective attack in MANET by AODV protocol Secure Knowledge Algorithm Modify RREQ,RREP and RERR AODV NS-2 Yes/No AODV NS-2 Yes/No attack. Help to find out reason before claiming node as a black node. Selective black node discovery process and performa nce analysis. 4. CONCLUSION Black attack is a type of attack in MANETs which is to devolve or listen in the message during route discovery. In it, node is sending imitate RREP, and receives message from source node. In this paper we describe the various methods for detection and prevention of attack by using various solutions. Various solutions like DRI table & cross checking, exchange recording, cooperative security agents, S-ETX, DPRAODV, Fidelity table, SAODV, digital signature are analyses. These are methods to keep safe against attacks which provide some advance results, when attack is fired. REFERENCES [1] J. Sen, S. Koilakonda and A. Ukil, A Mechanism for Detection of Cooperative Black Hole Attack in Mobile Ad Hoc Networks, in Proceedings of 2 nd International Conference on Intelligent Systems, Modeling and Simulation, pp. 338-343, 2011 [2] Y. Ren, M. C. Chuah, J. Yang and Y. Chen, "Detecting Black Attacks in Disruption-Tolerant Networks through Exchange Recording", in Proceedings of IEEE International Symposium on World of Wireless Mobile and Multimedia Networks (WoWMoM), pp. 1-6, 2010. [3] H. A. Esmaili, M. R. KhaliliShoja, Hosseingharaee, Performance Analysis of AODV under Black Attack through Use of OPNET Simulator, World of Computer Science and Information Technology Journal (WCSIT), Vol. 1, No. 2, pp. 49-52, 2011.
Prevention/Detection Methods of Black Hole Attack: A Review 755 [4] V. Mohite and L. Ragha, Cooperative Security Agents for MANET, IEEE World Congress on Information and Communication Technologies, pp. 549-554, 2012. [5] M. Al-Shurman, S. Yoo and S. Park, Black Attack in Mobile Ad Hoc Networks", ACM Southeast Regional Conference, pp. 96-97, 2004. [6] K. Osathanunkul, and N. Zhang, "A countermeasure to attacks in mobile ad hoc networks, IEEE International Conference on Networking, Sensing and Control (ICNSC), pp.508-513, April 2011. [7] P. N. Raj and P. B. Swadas, DPRAODV: A Dynamic Learning System against Black HoleAttack in AODV based MANET, IJCSI International Journal of Computer Science Issues, Vol. 2, 2009. [8] L. Tamilselvan, V. Sankaranarayanan, Prevention of Co-operative Black Hole Attack in MANET, Journal of Networks, Vol. 3, No 5, 13-20, 2008. [9] S. Lu, L. Li, K. Y. Lam and L. Jia, "SAODV: A MANET Routing Protocol that can Withstand Black Hole Attack", International Conference on Computational Intelligence and Security, Vol. 2, pp. 421-425, 2009. [10] H. Deng, W. Li and D. P. Agrawal, Routing security in wireless ad hoc networks," IEEE Communications Magazine, Vol.40, No.10, pp. 70-75, 2002. [11] R. Kaur and J. Kalra, Detection and Prevention of Black Hole Attack with Digital Signature, International Journal of Advanced Research in Computer Science and Software Engineering, Vol. 4, No. 8, 2014. [12] A. Siddiqua, K. Sridevi, A. A. K. Mohammed, Preventing Black Hole Attacks in MANETs Using Secure Knowledge Algorithm, In Proceedings of International Conference on Signal Processing and Communication Engineering Systems (SPACES), pp. 421-425, 2015 [13] T. Manikandan, S. Shitharth, C. Senthikumar and C. Sebastinalbina, Removal of Selective Black Hole Attack in MANET by AODV Protocol, Vol. 3, No. 3, 2014. [14] J. S. Mehta, S. Nupur and S. Gupta, An Overview of MANET: Concepts, Architecture & Issues, International Journal of Research in Management, Science & Technology, Vol. 3, No. 2, 2015. [15] R. Ramanathan and J. Redi, A Brief Overview of Ad Hoc Networks: Challenges and Directions, IEEE Communications Magazine, Vol. 40, No. 5, pp. 2-22, 2002. [16] N. Raza, M. U. Aftab, M. Q. Akbar, O. Ashraf and M. Irfan, Mobile Ad-Hoc Networks Applications and Its Challenges, Communication and Networks, Vol 8, No. 3, pp. 131, 2016. [17] A. Dorri, S. R. Kamel and E. Kheyrkhah, Security Challenges in Mobile Ad Hoc Networks: A Survey, International Journal of Computer Science & Engineering Survey (IJCSES) Vol. 6, No.1, pp. 15-29, February 2015.
756 Veerpal Kaur and Simpel Rani [18] Y. Zhang and W. Lee, Intrusion Detection in Wireless Ad-Hoc networks, In Proceedings of the 6th annual international conference on Mobile computing and networking, pp. 275-283, 2000. [19] Y. C. Hu, A. Peerig and D. B. Johnson, Ariadne: A Secure on-demand Routing Protocol for Ad Hoc Networks, Wireless networks, Vol. 11, No. 1-2, pp. 21-38, 2005 [20] N. Sharmal and A. Sharma, The Black-Hole Node Attack in MANET, Second International Conference on Advanced Computing & Communication Technologies, pp. 546-550, 2012.