International Journals of Advanced Research in Computer Science and Software Engineering
Research Article, June 2017

Performance Analysis of AODV under Worm Hole Attack

1 S. Rama Devi, 2 K. Mamini, 3 Y. Bhargavi
1 Assistant Professor, 1, 2, 3 Department of IT
1, 2, 3 BVRIT Hyderabad College of Engineering for Women, Hyderabad, Telangana, India
DOI: 10.23956/ijarcsse/V7I4/0116

Abstract: In multi-hop wireless systems, such as wireless sensor networks and mobile ad hoc networks, security is an important factor. It becomes a more critical issue when important data is transmitted between nodes. Many attacks are possible in wireless sensor networks and mobile ad hoc networks. In this paper we discuss a particularly devastating attack, known as the wormhole attack. In a wormhole attack, an attacker places two or more malicious nodes in the network at different locations. These nodes are connected by a low-latency link. As a result, the two or more malicious nodes create a higher-level virtual tunnel in the network. This virtual tunnel is used for sending packets between the end points of the tunnel. When two malicious nodes, one nearer to the source and the other nearer to the destination, forward packets through a private tunnel in the network so that the packets travel through these malicious nodes, the activity is known as a wormhole attack. NS2 is chosen as the simulation environment because it is one of the leading environments for network modelling and simulation.

Keywords: Mobile Ad hoc network, ns-2, wormhole attack.

I. INTRODUCTION

A wireless network is a network in which all the devices communicate without the use of a wired connection.
Wireless networks [1] are generally implemented with some type of remote information transmission system that uses electromagnetic waves for the carrier. An ad hoc network is a self-configuring network that is formed automatically by a set of mobile nodes without the help of a fixed infrastructure or centralized management. Each node is equipped with a wireless transmitter and receiver, which allow it to interact with other nodes in its range. In order for a node to forward a packet to a node that is out of its radio range, the support of other nodes in the network is needed; this is known as multi-hop interaction. Thus each node must act as both a host and a router at the same time. The primary challenge in building a MANET is equipping each device to continuously maintain the information required to properly route traffic. Such networks may operate by themselves or may be connected to the larger internet. Privacy protection of mobile ad hoc networks is more demanding than that of wired networks due to the open nature and mobility of wireless media.

A mobile ad hoc network (MANET) is a collection of two or more devices or nodes equipped with wireless communication and networking capabilities [3]. In a MANET, nodes that are within each other's wireless transmission ranges are linked directly, while nodes that are farther from each other's range have to rely on other nodes to transmit messages [4]. Thus, a multi-hop scheme develops, where several intermediary hosts broadcast the packets sent by the source host before they reach the final destination.

The wormhole attack is a network layer attack [5]. In a typical wormhole attack, at least two colluding nodes in the network are located at different places that are not in direct communication range of each other, i.e. one near the source node and another near the destination node, thus bypassing information from the source node to the destination node and disrupting proper routing.
In this paper, we concentrate on an ad hoc network consisting of 14 nodes. We use the Ad-hoc On-Demand routing (AODV) protocol and carry out simulations to evaluate the performance of the wireless ad hoc network. We investigate the throughput of the simulated wireless ad hoc network under the AODV protocol, and compare the throughput results of AODV without the wormhole attack and with the wormhole attack.

NS2 [6] is selected to carry out the simulation. NS2 provides technologies, protocols and communication devices for academic research, assessment and improvement. It is efficient, robust and highly reliable, and gives the user the ease of a graphical interface, of developing and running the simulation, and of validating the results. Network Simulator (Version 2), widely known as ns-2, is a discrete event driven network simulation tool for studying the dynamic nature of communication networks. It is an open source solution implemented in the C++ and OTcl programming languages. ns-2 provides a highly modular platform for wired and wireless simulations supporting different network elements, protocols (e.g., routing algorithms, TCP, UDP, and FTP), traffic, and routing types. In general, ns-2 provides users with a way of specifying network protocols and simulating their corresponding behaviours.

II. AODV PROTOCOL

Ad hoc On-Demand Distance Vector (AODV) routing is a routing protocol for mobile ad hoc networks and other wireless ad hoc networks. It was jointly developed at Nokia Research Centre, University of California, Santa Barbara and University of Cincinnati by C. Perkins and S. Das. It is an on-demand and distance-vector routing protocol, meaning that a route is established by AODV to a destination only on demand. AODV is capable of both unicast and multicast routing. It keeps these routes as long as they are needed by the sources. Additionally, AODV creates trees which connect multicast group members. The trees are composed of the group members and the nodes needed to connect the members. Sequence numbers are used by AODV to ensure the freshness of routes. It is loop-free, self-starting, and scales to large numbers of mobile nodes.

www.ijarcsse.com, All Rights Reserved

AODV defines three types of control messages for route maintenance:

RREQ - A route request message is transmitted by a node requiring a route to a node. As an optimization, AODV uses an expanding ring technique when flooding these messages. Every RREQ carries a time to live (TTL) value that states for how many hops this message should be forwarded. This value is set to a predefined value at the first transmission and increased at retransmissions. Retransmissions occur if no replies are received. Data packets waiting to be transmitted (i.e. the packets that initiated the RREQ). Every node maintains two separate counters: a node sequence number and a broadcast_id. The RREQ contains the following fields. The pair <source address, broadcast ID> uniquely identifies a RREQ. Broadcast_id is incremented whenever the source issues a new RREQ.

RREP - A route reply message is unicast back to the originator of a RREQ if the receiver is either the node using the requested address, or it has a valid route to the requested address. The reason one can unicast the message back is that every node forwarding a RREQ caches a route back to the originator.

RERR - Nodes monitor the link status of next hops in active routes. When a link breakage in an active route is detected, a RERR message is used to notify other nodes of the loss of the link. In order to enable this reporting mechanism, each node keeps a "precursor list", containing the IP address of each of its neighbors that are likely to use it as a next hop towards each destination.

III. WORMHOLE ATTACK

In a wormhole attack, two selfish nodes join together. One node receives packets at one point and "tunnels" them to another attacker node via a private network connection, and then replays them into the network. A minimum of two malicious nodes is required to perform this attack; more than two malicious nodes can also be used. In this attack the two malicious nodes reside at the two ends of the network and form a link between them using an out-of-band hidden channel such as a wired link, packet encapsulation or high-power radio transmission range [7]. A packet travelling through the tunnel reaches the destination faster than by other routes, and moreover the hop count through this path is lower, so this path is established between the source and the destination [7]. Once the path is established between the source and the destination through the wormhole link, the malicious nodes can misbehave in many ways in the network, such as continuously dropping packets, selectively dropping packets, analyzing the traffic and performing a Denial of Service attack.

Figure 1. Wormhole attack in MANET

3.1 Wormhole Attack Threats

A wormhole tunnel could actually be useful if used for forwarding all the packets. The wormhole attack can be viewed as a two-phase method launched by one or many malicious nodes. Within the initial phase, the two malicious end points of the tunnel could use it to pass routing traffic to attract routes through them. Within the second phase, wormhole nodes may exploit the data in a variety of ways: they can disrupt the data flow by selectively dropping or modifying data packets, generating redundant routing activities by turning off the wormhole link systematically, etc. The attacker can also simply record the traffic for later analysis.
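The route attraction described in Section III, as an added example that is not part of the original paper: RREQ flooding is modelled as a breadth-first search in which every hop takes the same time, so the reply follows the fewest-hop path. The 14-node topology, the node numbering and the helper names are constructed for illustration and are not the paper's scenario.

```python
from collections import deque

# Constructed 14-node topology (ids 0..13), bidirectional radio links.
# Source is node 0, destination is node 13; two honest 6-hop paths exist.
LINKS = [(0, 1), (1, 2), (2, 3), (3, 4), (4, 5), (5, 13),
         (0, 6), (6, 7), (7, 8), (8, 9), (9, 10), (10, 13),
         (0, 11), (12, 13)]
WORMHOLE = (11, 12)   # colluding nodes joined by an out-of-band tunnel

def neighbours(links):
    adj = {}
    for a, b in links:
        adj.setdefault(a, []).append(b)
        adj.setdefault(b, []).append(a)
    return adj

def discover_route(links, src, dst):
    """Flood an RREQ hop by hop. Each node keeps only the first copy it
    hears (the <source address, broadcast ID> duplicate check), so the
    reverse path that reaches dst first is the fewest-hop one."""
    adj, prev, queue = neighbours(links), {src: None}, deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            break
        for nxt in adj.get(node, []):
            if nxt not in prev:          # duplicate RREQ: discard
                prev[nxt] = node
                queue.append(nxt)
    if dst not in prev:
        return None                      # no route found
    path, node = [], dst
    while node is not None:
        path.append(node)
        node = prev[node]
    return path[::-1]

def delivered(path, sent, droppers=()):
    """Packets reaching the destination when every node in `droppers`
    that sits on the path discards all data it is asked to forward."""
    return 0 if any(n in droppers for n in path[1:-1]) else sent

honest = discover_route(LINKS, 0, 13)
attacked = discover_route(LINKS + [WORMHOLE], 0, 13)
print("without tunnel:", honest, delivered(honest, 100, WORMHOLE))
print("with tunnel:   ", attacked, delivered(attacked, 100, WORMHOLE))
```

The tunnel counts as a single hop, so the 3-hop route through nodes 11 and 12 beats both 6-hop honest routes, and delivery falls to zero once those nodes drop data.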
3.2 Impacts of Wormhole Attacks

If the wormhole only peacefully transports all the traffic from one location within the network to a different, isolated location, then it may be helpful for the network operation because it will improve the network connectivity. Unfortunately, once the traffic is routed through the wormhole, the attacker can gain full control over the traffic. He can then begin his malicious actions by selectively dropping data packets, which lowers the network throughput, or store all the traffic and later perform cryptanalysis attacks.

3.3 Performance Metrics Considered For Evaluation

The metrics used for evaluation are as follows.

Throughput: Throughput of any network scenario is defined as the number of data packets or bits forwarded per second to the destination.
Packet loss: Packet loss is defined as the number of packets that are generated at the source node but cannot be successfully delivered to the destination node within a valid time.

Average end-to-end delay: Average end-to-end delay of the data packets is the interval between the data packet generation time and the time when the last bit arrives at the destination.

IV. SIMULATION DESCRIPTION

The ns-2 simulator is the most popular network simulator today. Ns2 is a discrete event simulator targeted at networking research. It provides substantial support for simulation of TCP, routing and multicast protocols over wired and wireless networks. It consists of two simulation tools. The network simulator (ns) contains all commonly used IP protocols. The network animator (nam) is used to visualize the simulations. Ns2 fully simulates a layered network from the physical radio transmission channel to high-level applications. Ns2 is an object-oriented simulator written in C++ and OTcl. The simulator supports a class hierarchy in C++ and a similar class hierarchy within the OTcl interpreter. There is a one-to-one correspondence between a class in the interpreted hierarchy and one in the compiled hierarchy.

Table 1. Simulation Parameters

Parameter         Value
Nodes             14
Simulation Time   20 sec
Packet Size       1000 bytes
Node Speed        10 m/s
Mobility model    Two ray ground model
Traffic model     CBR

Simulation Scenario

The following are the simulation scenarios, in which there are 14 nodes.

Figure 2. Simulation of AODV without wormhole attack

Figure 3. Simulation of AODV under wormhole attack
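The three metrics of Section 3.3 computed from trace lines, as an added example that is not part of the original paper. The sample lines are constructed in ns-2's old wireless trace format (event, time, node, layer, reason, packet uid, type, size, ...); node ids, timestamps and the function name are assumptions, and the 20-second duration and 1000-byte packets are taken from Table 1.

```python
# Constructed samples in ns-2's old wireless trace format; these are not
# the paper's traces. AGT = agent (application) layer, RTR = routing layer.
HONEST = """\
s 1.00 _0_ AGT  --- 0 cbr 1000 [0 0 0 0] ------- [0:0 13:0 32 0] [0] 0 0
r 1.02 _13_ AGT  --- 0 cbr 1020 [13a d 5 800] ------- [0:0 13:0 27 13] [0] 6 0
s 1.10 _0_ AGT  --- 1 cbr 1000 [0 0 0 0] ------- [0:0 13:0 32 0] [1] 0 0
r 1.13 _13_ AGT  --- 1 cbr 1020 [13a d 5 800] ------- [0:0 13:0 27 13] [1] 6 0
s 1.20 _0_ AGT  --- 2 cbr 1000 [0 0 0 0] ------- [0:0 13:0 32 0] [2] 0 0
"""
ATTACKED = """\
s 1.00 _0_ AGT  --- 0 cbr 1000 [0 0 0 0] ------- [0:0 13:0 32 0] [0] 0 0
D 1.01 _11_ RTR  --- 0 cbr 1020 [13a b 0 800] ------- [0:0 13:0 30 11] [0] 0 0
s 1.10 _0_ AGT  --- 1 cbr 1000 [0 0 0 0] ------- [0:0 13:0 32 0] [1] 0 0
D 1.11 _11_ RTR  --- 1 cbr 1020 [13a b 0 800] ------- [0:0 13:0 30 11] [1] 0 0
"""

def metrics(trace, duration):
    """Throughput (bits/s of delivered payload), packet loss (sent but never
    received at the agent layer) and average end-to-end delay in seconds."""
    sent, recv = {}, {}
    for line in trace.splitlines():
        f = line.split()
        # Only application-layer CBR events count as generated or delivered.
        if len(f) < 8 or f[3] != "AGT" or f[6] != "cbr":
            continue
        event, t, uid, size = f[0], float(f[1]), int(f[5]), int(f[7])
        if event == "s":
            sent[uid] = (t, size)          # payload size as logged at source
        elif event == "r" and uid in sent and uid not in recv:
            recv[uid] = t                  # ignore duplicate deliveries
    rx_bytes = sum(sent[u][1] for u in recv)
    delays = [recv[u] - sent[u][0] for u in recv]
    return {
        "throughput_bps": rx_bytes * 8 / duration,
        "packet_loss": len(sent) - len(recv),
        # No delivered packet means the delay is undefined, not zero.
        "avg_delay_s": sum(delays) / len(delays) if delays else None,
    }

for name, trace in (("honest", HONEST), ("attacked", ATTACKED)):
    print(name, metrics(trace, duration=20.0))
```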
V. PERFORMANCE EVALUATION

The graphs below show throughput against time.

Figure 4. Throughput/Time Graph without wormhole attack

Figure 5. Throughput/Time Graph with wormhole attack

VI. CONCLUSION

In this paper we carried out the simulation using ns2 with the AODV protocol. From the above graphs it is observed that without the wormhole attack packets reached the destination. With the wormhole attack the graph is a constant line, i.e. zero throughput, which indicates that no packet reached the destination because the malicious node dropped all the received packets. So no packet is received at the destination.

REFERENCES

[1] Maulik, R.; Chaki, N., "A comprehensive review on wormhole attacks in MANET", IEEE, 2010, pp. 233-238.
[2] Pallavi Sharma, Prof. Aditya Trivedi, "An Approach to Defend Against Wormhole Attack in Ad Hoc Network Using Digital Signature", IEEE, 2011.
[3] Perkins C. and Bhagwat P., "Highly dynamic destination-sequence distance vector routing (DSDV) for mobile computers", In Proceedings of ACM Conference on Communications Architectures, Protocols and Applications (ACM SIGCOMM 94), London, UK, pp. 234-244 (1994).
[4] Upadhyay S. and Chaurasia B. K., "Detecting and Avoiding Wormhole Attack in MANET using Statistical Analysis Approach", In the Second International Conference on Computer Science and Information Technology (CCSIT-2012), Springer, pp. (2012).
[5] Mishra Amitabh, Nadkarni Ketan M., and Ilyas Mohammad, "Chapter 30: Security in wireless ad-hoc networks", The Handbook of Ad hoc Wireless Network, CRC Press, 2003.
[6] The NS2 network simulator, http://www.isi.edu/snam/
[7] Azer, M.A., El-Kassas S.M., Hassan, A.W.F., El-Soudani M.S., "Intrusion Detection for Wormhole Attacks in Ad hoc Networks: a Survey and a Proposed Decentralized Scheme", IEEE Third International Conference on Availability, Reliability and Security, 2008.