Performance Evaluation of Blackhole Attack on VANET's Routing Protocols

, pp.39-54 http://dx.doi.org/10.14257/ijseia.2014.8.9.04 Performance Evaluation of Blackhole Attack on VANET's Routing Protocols Eman Farag Ahmed 1, Reham Abdellatif Abouhogail 2 and Ahmed Yahya 3 1 Research Assistant, Electrical Quantities Metrology Dept., National Institute for Standards, Egypt 2 Electrical Quantities Metrology Dept., National Institute for Standards, Egypt 3 Electrical Engineering Dept., Al-Azhar University, Cairo, Egypt Assistant Professor Associate Professor 1 emanfrg41@yahoo.com, 2 rehlatif@yahoo.com, 3 ahmed_yahya_1@yahoo.com Abstract Vehicular Ad-hoc Network systems (VANETs) are a dynamic wireless network where the nodes move randomly without any infrastructure. VANETs are an open transmission and communication media without any security mechanism. So, there are a lot of malicious nodes attacks on VANETs. Blackhole attack is one of the security threats in which the traffic isn t transmitted to the destination node but will redirect it to a node that actually does not exist in the network to drop that traffic. The main target of the paper is to measure the impact of Blackhole attack on the VANET s reactive and proactive routing protocols i.e., AODV, DSR, OLSR, and TORA. Simulation is carried out by using OPNET modeler 14.5 [1]. Measurements of different parameters with complete analysis and comparison are presented. Keywords: VANETs, Routing protocols AODV, DSR, OLSR, TORA and Blackhole attack 1. Introduction Vehicular Ad-hoc Network systems (VANETs) are a specific type of the Mobile Ad-hoc Networks systems (MANETs), with the main difference that nodes are the vehicles themselves to build a network. Networking in a vehicle is a successful approach to satisfy active road safety by warning drivers about road conditions accidents or bad weather etc., and traffic management by helping drivers to find the best available route to their destination. Also, it supports the applications dedicated to improve the comfort of drivers. For example; the vehicles are equipped with Internet and Multimedia connectivity. The main problems related to vehicular networks are the high speed of moving nodes, which causes fast and frequent network topology changes and further instability of the transmission wireless channel. As this system is highly dynamic it leads to provide new challenges in providing network security. There are many routing protocols that have been proposed and assessed to improve the efficiency of VANETs. VANETs face different securities threats i.e., attack that are carried out against them to decrease the normal performance of the networks. In these attacks, Blackhole attack is that kind of attack which occurs in VANETs. In Blackhole attack, a malicious node uses its routing protocol in order to advertise itself for having the shortest path to the destination node. In this paper, we evaluate the performance of these routing protocols with respect to various parameters like Packet Delivery Ratio, Average End-to-End Delay, Packet Dropped and Network Throughput etc. in more different scenarios of node density under different number of Blackhole nodes attack. While there has been performance analysis ISSN: 1738-9984 IJSEIA Copyright c 2014 SERSC

of wireless ad hoc network [2-9], still none of these papers have collected the four selected protocols and also they haven t measured the four mentioned influential factors with and without Blackhole attack in the same paper. The organization of the rest of this paper is as follow. Section II overviews the Routing Protocols classification. Section III presents Denial of Service attack (DoS) types and its effect in network performance. Sections V, VI and VII present the simulation environment, the simulation results and the conclusion respectively. 2. Routing Protocols In VANET, topology based routing protocols is one of its routing protocols categories. These routing protocols use links information that exists in the network to perform packet forwarding. Topology based routing can be classified into: reactive, proactive and hybrid [7] [8-10]. Reactive protocols are also called as on-demand driven reactive protocols. They initiate the route only when it is necessary for a node to communicate with each other [7, 11]. Routing discovery process typically consists of network flooding algorithm of request message. Where, a node broadcasts the packet to all of its neighbors and the intermediate nodes forward this packet to their neighbors till reach the destination node [8, 10]. The advantages of reactive routing protocol are that these protocols don t consume bandwidth for sending information and have small routing overheads [10]. The disadvantage is that it has higher latency when the node starts transmitting the data to the destination node [10, 11]. Examples of reactive protocols are: DSR, AODV, TORA, PGB and JARR. Proactive routing protocols are called table- driven protocols in which, the route to all the other nodes is maintained in routing table. Packets are transmitted over the predefined route specified in the routing table from background information about neighbor nodes (routing updates) [10, 11]. The advantage of proactive routing protocol is that there is no route discovery because the destination route is stored in background. This means that the packet forwarding is done faster. The disadvantage of this protocol is that it provides high latency for real time application because all the routes are maintained all the times and the routing overhead is large. This is because all the routes have to be defined before transferring the packets [7, 10]. Examples of proactive Protocols are: OLSR, DSDV, FSR, CGSR, WRP, and TBRPF. Hybrid protocols are the combinations of reactive and proactive protocols. They take the advantages of the other two types of protocols. They are introduced to reduce the control overhead of proactive routing protocols and to decrease the initial route discovery delay in reactive routing protocols. As a result, routes are found quickly in the routing network. Examples of hybrid routing Protocols are: ZRP and HARP [7, 10]. 2.1. Ad-hoc On-Demand Distance Vector (AODV) AODV is a reactive routing protocol, which establishes a route to a destination only on demand [12, 13]. This means that the network is silent until a connection needed. It uses control messages such as Route Request (RREQ), Route Reply (RREP),Route Error(RERR) and Hello (HELLO) message for communication to establish a path from the source to the destination (Route discovery and Route maintenance) process[3, 11]. The route discovery process of AODV consists of two main methods as shown in Figure 1. The first one is source routing and the second one is backward learning. So when the source node wants to make a connection with the destination node; first, the source node checks its route table at the start of communication. In case of there is no route to destination node, the source node broadcasts an RREQ message. The RREQ message is propagated from the 40 Copyright c 2014 SERSC

source and received by neighbors of the source node. Every node that receives the RREQ packet first checks if it is the destination for that packet and if so, it sends back an RREP packet. If it is not the destination, then it checks its routing table to determine if it has got a route to the required destination. If it hasn t, it sends the RREQ packet by broadcasting it to its neighbors. If its routing Table contains an entry to the destination, then the next step is comparing the Destination Sequence number in its routing table to that present in the RREQ packet. This Destination Sequence number is the sequence number of the last sent packet from the destination to the source. If the destination sequence number that is presented in the routing table is less than or equal to the one contained in the RREQ packet, then the node sends the request further to its neighbors. If the number in the routing table is higher than the number in the packet, it denotes that the route is fresh and latest route and packets can be sent through this route. Then, this intermediate node sends a RREP packet to the node through which it received the RREQ packet. The RREP packet gets relayed back to the source through the reverse route. The source node then updates its routing table and sends its packet through this route. During the operation, if any node identifies a link failure it sends a RERR packet to all other nodes that uses this link for their communication to other nodes. In case a node receives multiple RREPs, it will select a RREP which contains the largest destination sequence number. But if the destination sequence number was the same, it will select the RREP with the smallest hop count. As shown in Figure 2a and Figure 2b the RREQ and the RREP control message headers contain all of these information that are used when the node participates in routing. Broken Figure 1. Route Discovery Process with RREQ and RREP Control Messages Source Address Source Sequence Number AODV RREQ message Broadcast ID Destination Destination Address Number Sequence Hop Count Figure 2a. RREQ Messages of AODV Source Address Destination Address AODV RREP message Destination Hop Count Sequence Number Lifetime Figure 2b. RREP Messages of AODV Copyright c 2014 SERSC 41

2.2. Dynamic Source Routing (DSR) DSR is a reactive source routing protocol; where a source node cached the route that the packet should pass through on demand [5, 10]. DSR protocol allows the network to be completely self-organizing and self-configuring without the need for any existing network infrastructure or administration [13]. DSR protocol mechanisms are Route Discovery and Route Maintenance. Route Discovery starts when Neighbor nodes get a RREQ message from nodes to find a route. The node that receives RREQ message will forward it to neighbors and it will be cached into the routing Table as a source route. When the destination node or any node has route information to the destination in its route cache receives this message. The nodes will send reply message RREP containing information about the full source. The information may be the address of each device the packet will traverse. This information or learned paths are used to route packets. Then, the source node chooses the shortest route and stores it, and forwards messages through it. Choosing best route depends on some metrics like hop number, delay, bandwidth or the duration for the RREP to reach the source. Route Maintenance process starts when the link between the node which is used to forward data packet and the next node is broken. One from these two nodes sends a RERR message to the source node, which while removing the broken link from its route cache, uses another route to the destination. If another route is not available, it starts a route discovery again [5]. DSR advantages are that DSR provides excellent performance for routing in multi-hop wireless ad hoc networks where it reduces network bandwidth overhead as no periodic routing advertisement. DSR has very low routing overhead and is able to correctly deliver almost all originated data packets, even with continuous, rapid motion of all nodes in the network [13]. The disadvantages of DSR as follow; that the route maintenance mechanism does not locally repair a broken link and the old route Cache information could be inconsistencies during the route reconstruction phase. Connection setup delay is higher than it in table-driven protocol. Even though the protocol performs well in static and low mobility environments, the performance degrades rapidly with increasing mobility. So routing overhead is directly proportional to the path length. 2.3. Optimized Link State Routing Protocol (OLSR) OLSR is a proactive routing protocol that is also known as table driven protocol by the fact that it updates its routing Tables [11]. It is a point-to-point routing protocol based on the traditional link-state algorithm where each node maintains topology information about the network by periodically exchanging link-state messages. OLSR used multipoint relay (MPR) [3]. As during each topology update, each node in the network selects a set of neighboring nodes to retransmit its packets. These set of nodes are called the multipoint relays of that node. They are responsible for generating and forwarding topology information. As OLSR always needs to maintain routing tables and uses MPR that will reduce the size of each control message and the number of rebroadcasting nodes during each route update. Any node which is not in the set can read and process each packet but do not retransmit it. OLSR has three types of control messages, Hello, Topology Control (TC) and Multiple Interface Declaration (MID) [3, 4]. HELLO message has all the information about the neighbors. Only MPR node can broadcast topology control (TC) message, along with link status information at a predetermined TC interval. To select the MPRs, each node periodically broadcasts a list of its one hop neighbors using hello messages. From the list of nodes in the hello messages, each node selects a subset of one hop neighbors, which covers all of its two hop neighbors [11]. As showing in Figure 3, node A can select nodes C, E and G to be the MPR nodes which are two hops away from these nodes and all other neighbors node. Each node 42 Copyright c 2014 SERSC

calculates an optimal route to every known destination using its topology information and stores this information in a routing Table. This information is collected by HELLO message. As the routes are all the time the basic concept of MPR is to reduce the duplication or loops of retransmissions of the packets. Otherwise, OLSR requires a large bandwidth and CPU power to compute optimal paths inside the network. Figure 3. Multipoint Relays Node Selection 2.4. Temporally Ordered Routing Algorithm (TORA) TORA is an on demand routing protocol for multi hop networks [9, 14]. TORA supports a mix of reactive and proactive routing on a per-destination basis. In reactive operation, the source starts the route discovery to a given destination on demand [15]. At the same time, selected destinations can initiate proactive operation depending on table-driven routing approaches. TORA is based on link reversal algorithms [16]. TORA algorithm maintains the direction of the next destination to forward the packets. TORA essentially performs three tasks with three kinds of messages: Creation of a route from a source to a destination using the QRY message. Maintenance of the route using the UPD message. Erasure of the route when the route is no longer valid using the CLR message. All messages flow from nodes with higher height to nodes with a lower one [14]. When a node needs a route to a destination node, it broadcasts a QUERY (QRY) packet containing the destination address. This packet propagates through the network until it reaches the destination node or a node with a valid route to the destination. Then, this node broadcasts an UPDATE (UPD) packet containing its own height to the destination node. Every node receives the UPD broadcast will set its height to a value higher than the one specified in the UPD packet. It results in a series of directed links from the source node to the destination node. When a node detects a network partition, it generates a CLR packet that resets routing state and removes invalid routes from the network. TORA s advantages are: it s ability to establish routes quickly and to minimize the communication overhead associated with adapting to network topological changes [16]. The design and flexibility of TORA allow its operation to be biased towards high reactivity (i.e., low time complexity) and bandwidth conservation (i.e., low communication complexity) rather than routing optimality-making it potentially well-suited for use in dynamic wireless Copyright c 2014 SERSC 43

networks [15]. Otherwise, it has the same disadvantages of on- demand routing protocols and not much used also not scalable. 3. Denial of Service Attack (DoS) Denial of Service attack (DoS) is a kind of threats that prevents the system or the service to work normally [17]. It can make the service unavailable by different ways such as consume the network bandwidth or downgrade the communications in the network, disruption of routing information, etc., The attack mainly affects the whole performance of the network. VANET system is a wireless dynamic topology system that faces different kinds of Denial of Service attack. Two of the most common of these attacks are Grayhole and Blackhole attacks [11, 13]. 3.1. Blackhole Attack Blackhole attack is a kind of Denial of Service (DoS) attack possible in wireless ad-hoc network.in this attack, a malicious node uses its routing protocol in order to advertise itself for having the shortest path to the destination node or to the packet it wants to intercept [2] [18-20]. The attacker absorbs transmitted data from source to destination and drops all this data or forwards it to unknown address. As a result, the source and the destination nodes become unable to communicate with each other [11, 21, 22]. This attack can be classified according to the source of attack (internal or external), the behavior of attack (passive, active) and the group of work (single, cooperative). External Blackhole: it is outside the network and when it gets access to the network it will deny the access to the network. It causes denial of service in order to disrupt the performance of the whole network. Internal Blackhole: it is a node being part of the network that impersonates and starts its malicious behavior. Internal attack is more dangerous than external attack [2, 11]. Active attack: it steals important information and modifies it and fabricates the messages to destroy the performance of the network. The active attack can be an internal or an external attack. Passive attack: it listens to the network in order to know and understand how the nodes communicate with each other. So the attacker has enough information about the entire network to easily hack the network. Black hole attack can be done by single or cooperative malicious node, where Cooperative Blackhole means the malicious nodes act in a group [18]. 3.2. GrayHole Attack Grayhole attack is a kind of Blackhole attack in which a malicious node s behavior is exceptionally unpredictable [11, 13]. This is a type of active attack where in the beginning the attacker nodes behave normally and reply true RREP messages to the nodes that started RREQ messages. When it receives the packets it starts dropping the packets and launch Denial of Service (DoS) attack. Due this behavior it s very difficult for the network to figure out such kind of attack. Grayhole attack is also termed as node misbehaving attack [2]. 4. Protocols that Affected by Blackhole Attack The most common four wireless ad-hoc routing protocols are AODV, DSR, OLSR and TORA. Since the AODV routing protocol doesn t have any security mechanisms to ensure that the packets have reached the destination, malicious node can perform Blackhole attack. Blackhole attack in AODV protocol can be classified into two categories: black hole attack 44 Copyright c 2014 SERSC

caused by RREP and black hole attack caused by RREQ [11, 20, 22]. Blackhole attack in DSR almost is the same in AODV that will affect the route information like dropping the packets and sending a fake REEP message or a fake Destination Address. While in OLSR the hello message is important for selecting the MPR. Therefore the Blackhole attack node forcefully selects itself as MPR hence it keeps the willingness field to Will always constantly in its hello message so its neighbors will always select it as MPR [2, 11]. TORA protocol is based on link reversal algorithm which means that it uses link to forward packet. Link between the source node and the destination node will be broken if the Blackhole is one of the nodes that performs the path. When the Blackhole node receives a QRY message it will discard it. After a very short time the packet is queued in the Blackhole node queue. 4. Simulation Environments The aim of this paper is to study the effects of Blackhole attack in VANET for both Proactive routing protocol and Reactive routing protocol. The impact of Blackhole attack on the performance of VANET is evaluated by studying which protocol is more vulnerable to the attack and how much is the impact of the attack on each protocol. All of the simulation is carried out by using OPNET modeler 14.5 [15]. The performance metrics that are measured for evaluating and testing the impact of black hole attack on AODV, DSR, OLSR and TORA network performance are as follow: 1. Packet Delivery Ratio (PDR) This is the ratio of total data received to total data sent from source to destination. It measures the loss rate in the network. (PDR= data delivered to the destination /data sent out by the source) 2. Average End-to-End Delay This is the average time that a packet takes to traverse from the source node to the destination node in a network. 3. Packet Dropped This represents the total number of packets discarded by all nodes in the network. 4. Network Throughput Throughput is the average rate of successful message delivery over a communication channel. Figure 4 shows the simulation environment of a single scenario consists of 40 mobile nodes move at a constant speed of 10 meter per second. Total of 80 scenarios have been developed, all of them with mobility of 10 m/s. Number of nodes and number of Blackhole attacks were varied. The simulation time was 500 seconds. Simulation area is 1000 x 1000 meters, which is suitable to contain 50 nodes to move freely. Packet Inter-Arrival Time (sec) is taken exponential (1) and packet size (bits) is exponential (1024). The data rates of mobile nodes are 11 Mbps with transmitting power of 0.005 watts. Random way point mobility is selected with constant speed of 10 meter/seconds and with pause time of constant 100 seconds. This pause time is taken after data reaches the destination only. The simulation parameters are given in Table 1. Our goal is to determine the protocol which shows less vulnerability in case of Blackhole attack. We choose AODV, DSR, OLSR and TORA routing protocols which are reactive and proactive protocols respectively. The first simulation scenario was built of normal working VANETs with normal behavior of nodes without any type of attacks introduced on it (Without Attack). Rest of scenarios with varying Routing protocol and number of nodes and number of attacks were implemented to measure the network performance with existing of attack (With Attack). After the simulation of each scenario with different number of Blackhole attack nodes that are introduced in the Copyright c 2014 SERSC 45

whole network. The results are analyzed in comparison with normal working protocols of AODV, DSR, OLSR and TORA (without attack). The malicious node is placed in the network between sender and receiver. This malicious node when receives any number of packets drops all the received data. Figure 4. The Simulation Environment Scenerio of 40 Nodes For simulation, we set the parameters as shown in Table 1. 5. Simulation Results Table 1. Simulation Parameters Examined protocols AODV,DSR,OLSR and TORA Simulation time 500 seconds Simulation area (m x m) 1000 x 1000 Number of Nodes 10,20,30,40 and 50 Number of Attacks 0,2,4,and 6 Performance Parameter Throughput, End-to-end delay, PDR, and Packet dropped. Pause time 100 seconds Mobility (m/s) 10 meter/second Packet Inter-Arrival Time (s) exponential(1) Packet size (bits) exponential(1024) Transmit Power(W) 0.005 Date Rate (Mbps) 11 Mbps Mobility Model Random waypoint In this section, we will describe the effect of Blackhole attack to number of parameters for the selected routing protocols (AODV, DSR, OLSR and TORA). In our simulation, we implemented the Blackhole node and doubled it number of times (0-Blackhole, 2-Blackhole, 4-Blackhole and 6-Blackhole) in each scenario of these protocols. Simulation results are 46 Copyright c 2014 SERSC

shown in Figures 5 (a, b, c, d) for the AODV protocol, in Figures 6 (a, b, c, d) for the DSR protocols, in Figures 7 (a, b, c, d) for the OLSR protocol, and in Figures 8 (a, b, c, d) for the TORA protocol. 5.1. Performance Measurements of AODV Protocol. Figure 5a shows the effect to the PDR with different number of nodes under different number of attacks. The result shows that the PDR decreases when there are two or more number of malicious nodes in the entire network. The decreasing to some of the packets is due to Blackhole node. Figure 5a. AODV Packet Deliver Ratio Figure 5b. AODV Average End-to-End Delay Figure 5b shows the effect to the Average End-to-End Delay measured with and without Blackhole attack. There is a slight increase in the Average End-to-End Delay without Blackhole as compared to the effect of Blackhole attack. This is due to the nature of malicious node here. It will not check its routing Table. So there is no need of RREQs and RREPs to be broadcast because the malicious node already sends its RREQs to the sender node before the destination node reply. This will cause less delay. Figure 5c. AODV Average Throughput Figure 5d. AODV Total Packet Dropped Figure 5.c shows the impact of the Blackhole attack to the networks throughput using AODV routing protocol. The throughput of the network slightly decreases with Blackhole attack as compared to without Blackhole attack. Figure 5.d shows the impact of the total Copyright c 2014 SERSC 47

packet dropped by the malicious nodes. The result shows that the total packet dropped are increased with presence of Blackhole attack with varying number of total node numbers. 5.2. Performance Measurements of DSR Protocol. For DSR protocol, Figure 6a shows the effect to the PDR under different number of Blackhole attack nodes. PDR increases with increasing number of Blackhole nodes. Figure 6b shows the experimental results with and without Blackhole Attack for the Average End-to- End Delay. The Average End-to-End Delay decreases when the number of malicious nodes increases, because collision reduces due to dropping of packets. Figure 6a. DSR Packet Delivery Ratio (PDR) Figure 6b. DSR Average End-to-End Figure 6c shows that as the density increases the Average Throughput improve and the similar behavior can be observed with applying a different number of malicious Blackhole attacks in the network. As malicious node drops routing packets this will reduce communication overhead and will reduce collision. When the collision is reduced the throughput is improved. Figure 6d shows the total packet dropped which is measured for the DSR protocol. The total packet dropped parameter decreases descending (gradually) when number of nodes increases under different number of attacks. Figure 6c. DSR Average Throughput Figure 6d. DSR Total Packet Dropped 5.3. Performance Measurements of OLSR Protocol. Figure 7a shows the effect of Blackhole attack to the PDR for the OLSR protocol. PDR is decreased with the increase of number of Blackhole nodes. The reason is that, when the 48 Copyright c 2014 SERSC

destination node moves rapidly, it has more chances to select node as MPR other than the Blackhole node which forcefully selects itself as MPR hence it keeps the willingness field to be always constantly in its hello message. So their neighbors will always select it as MPR. The results show that when the number of Blackhole nodes increase Packet Delivery Ratio decreases. So OLSR without attack has more packet delivery ratio than OLSR with Blackhole attack. Figure 7b shows that, Average End-to-End Delay get affected by the attack but not much, when number of Blackhole nodes are increased there is a slight increase in the average End-to-End Delay. So the value of the average End-to-End Delay increases due to the effect of Blackhole attack. Figure 7a. OLSR Packet Delivery Ratio (PDR) Figure 7b. OLSR Average End-to-End Delay Figure 7c shows that Average Throughput of OLSR without Blackhole attack performs better than OLSR with Blackhole attack. With increasing in number of source nodes, Average Throughput increases and when the Blackhole attack nodes are added in the network throughput decreases gradually as compared to the OLSR without malicious nodes. So OLSR without Blackhole attack is better than it with Blackhole attack according to the throughput parameter. Figure 7c. OLSR Average Throughput (Bits/sec) Figure 7d. OLSR Total Packet Dropped Figure 7.d shows the total packet dropped. Total packet dropped increases by increasing the number of nodes from 10 to 20 under different number of attack nodes. But the total packet dropped decreases when the number of nodes is increased to 30 nodes. The reason is in small number of nodes Black hole node is selected as the only MPR for all of its neighbors Copyright c 2014 SERSC 49

but after the number of nodes increases largely the Blackhole will lose the chance to control the entire network and force itself as MPR. Also we note that with increasing number of attacks the total packet dropped will increase. 5.4. Performance Measurements of TORA Protocol. For the TORA protocol, Figure 8a shows the effect to the PDR when the number of nodes is increased under different number of attacks. PDR increases with increasing number of nodes. But without Blackhole attack PDR for TORA protocol is slightly better than TORA under attack. Figure 8b shows that, Average End-to-End Delay is increased linearly then appears to be constant under different number of attacks. This is due to increasing the number of nodes in the network will lead to find more than a suitable link to perform more paths from source to reach the destination. Figure 8a. TORA Packet Delivery Ratio (PDR) Figure 8b. TORA Average End-to-End Delay Figure 8c shows that, Average Throughput will increase if the number of nodes increase but no change under different number of Blackhole attacks nodes. TORA throughput was better even if there is Blackhole in the entire network. Figure 8d shows that, the total packet dropped measured for the TORA protocol increases if the number of nodes increases. Figure 8c. TORA Average Throughput (Bits/sec) Figure 8d. TORA Total Packet Dropped Table 2 shows a comparison between AODV, DSR, OLSR and TORA protocols according to the measuring of the performance parameters. OLSR performs better than AODV, DSR and TORA according to the PDR parameter. The Average End-to-End Delay of DSR is 50 Copyright c 2014 SERSC

higher than the Average End-to-End Delay of AODV, OLSR and TORA. The Average Throughput of the AODV is better than The Average Throughput of the other protocols. AODV has slightly of Total Packet Drooped increase than TORA, DSR and OLSR. Table 3 shows a comparison between AODV, DSR, OLSR and TORA protocols according to the effect of Blackhole attack. PDR decreased in AODV and OLSR but increased in DSR and no change in TORA. Average End-to-End Delay decreased in AODV and DSR but slightly increased in OLSR and no change in TORA. Average Throughput slightly decreased in AODV and OLSR but slightly increased in DSR and no change in TORA. Finally, Total Packet Dropped increases very large in AODV and OLSR but increases significantly in DSR and slightly decreased in TORA. Table 2. Comparison between AODV, DSR, OLSR and TORA Protocols According to the Measuring of the Performance Parameters Parameters Without Blackhole Protocol Name PDR Average End-to- End Delay Average Throughput Total Packet Dropped AODV High High High Very Low DSR Very Low High High Very Low OLSR High High High Very Low TORA High High High Low Table 3. Comparisons between AODV, DSR, OLSR and TORA Protocols According to the Effect of Blackhole Attack Effects of Blackhole Protocol Name PDR Average End-to- End Delay Average Throughput Total Packet Dropped AODV Decreased Decreased Slightly Decrease Very Large Increase DSR Increased Decreased Slightly Increased Significant Increase OLSR Decreased Slightly Increased Slightly Decrease Very Large Increase TORA No Change No Change No Change Slightly Decreased 6. Conclusion A simulation for different types of the most common protocols in VANETs is used to compare between them. OPNET modeler 14.5 simulators are used to measure the performance parameters for each one of them with applying a different number of Blackhole attack and without it. The parameters that are used to measure the performance are: PDR, Average End-to-End Delay, Average Throughput and Total Packet Dropped. The results of the simulation show that the effect of Blackhole attack is more on AODV protocol as compared to others especially for the total packet dropped which verify our goal in this paper. As a future work, we can modify the internal structure of the routing protocols to make them more secure against the effect of Blackhole attack. References [1] http://www.opnet.com. [2] V. Bibhu, K. Roshan, K. B. Singh and D. K. Singh, Performance Analysis of Black Hole Attack in Vanet, International Journal of Computer Network and Information Security, (2012), pp. 47-54. [3] H. Kaur, M. Bala and V. Sahni, Study of Blackhole Attack Using Different Routing Protocols in MANET, International Journal of Advanced Research in Electrical, Electronics and Instrumentation Engineering, vol. 2, Issue 7, July, (2013), pp. 3031-3039. Copyright c 2014 SERSC 51

[4] A. Gupta, N. Kaur and A. Kaur, A Survey on Behaviour of AODV and OLSR Routing Protocol of Manets under Black Hole Attack, IJCST, vol. 2, Issue 4, (2011) October- December, pp. 349-352. [5] K. Mahamuni and C. Chandrasekar, An Statistical Technique to Mitigate Black Hole Attack in Wireless Network, International Journal of Computer Applications, vol. 58, no. 12, (2012) November, pp. 33-37. [6] H. Singh and M. Singh, Effect of Black Hole Attack on AODV, OLSR and ZRP Protocol in MANETs, International Journal of Advanced Trends in Computer Science and Engineering, vol. 2, no. 3, (2013) May- June. [7] M. Y. Gadkari and N. B. Sambre, VANET: routing protocols, security Issues and simulation tools, IOSR Journal of Computer Engineering (IOSRJCE), vol. 3, Issue 3, (2012) July-August, pp. 28-38. [8] S. Mohapatra and P. Kanungo, Performance analysis of AODV, DSR, OLSR and DSDV Routing Protocols using NS2 Simulator, International Conference on Communication Technology and System Design, (2012) March, pp. 69-76. [9] T. Kaur and A. K. Verma, Simulation and Analysis of AODV routing protocol in VANET, International Journal of Soft Computing and Engineering (IJSCE), vol. 2, Issue 3, (2012) July, pp. 293-301. [10] G. F. Ahmed, R. Barskar and N. Barskar, An Improved DSDV Routing Protocol For Wireless Ad Hoc Networks, International Conference on Communication, Computing & Security, vol. 6, (2012) November, pp. 822-831. [11] I. Ullah and S. Ur Rehman, Analysis of Black Hole attack on MANETs Using different MANET routing protocols, School of Computing Blekinge Institute of Technology, (2010) September. [12] S. Kurosawa, H. Nakayama, N. Kato, A. Jamalipour and Y. Nemoto, Detecting Blackhole Attack on AODV-based Mobile Ad-Hoc Networks by Dynamic Learning Method, International Journal of Network Security, vol. 5, no. 3, (2007) November, pp. 334-346. [13] K. Abd. Jalil, Z. Ahmad and J. Ab Manan, Mitigation of Black Hole Attacks for AODV Routing Protocol,International Journal on New Computer Architectures and Their Applications, vol. 1, no. 2, (2011) August, pp. 336-343. [14] A. Zaballos, A. Vallejo, G. Corral and J. Abella, Ad Hoc routing performance study using OPNET Modeler, University Ramon Llull (URL - La Salle Engineering), (2006). [15] R. K. Jha, S. V. Limkar and U. D. Dalal, A Performance Comparison of Routing Protocols (DSR and TORA) for Security Issue In MANET (Mobile Ad Hoc Networks), IJCA Special Issue on Mobile Ad-hoc Networks MANETs, (2010), pp. 78-83. [16] G. S. Aujla and S. S. Kang, Comprehensive Evaluation of AODV, DSR, GRP, OLSR and TORA Routing Protocols with varying number of nodes and traffic applications over MANETs, IOSR Journal of Computer Engineering (IOSR-JCE), vol. 9, Issue 3, (2013) March April, pp. 54-61. [17] D. k. Chaitanya and G. Arindam, Analysis of Denial-of-Service attacks on Wireless Sensor Networks Using Simulation, Middlesex University, (2010). [18] H. B. Patel and J. Baria, Black Hole Attack in Mobile Ad Hoc Networks Issues and Solutions, International Journal of Engineering Research & Technology (IJERT), vol. 1, Issue 10, (2012) December, pp. 1-6. [19] Jasvinder and M. Sachdeva, Effects of Black Hole Attack on an AODV Routing Protocol Through the Using Opnet Simulator, International Journal of Advanced Research in Computer Science and Software Engineering, vol. 3, Issue 8, (2013) August, pp. 657-664. [20] S. K. Chamoli, S. Kumar and D. S. Rana, Performance of AODV against Black Hole Attacks in Mobile adhoc Networks, International Journal of Computer Technology & Applications, vol. 3, no. 4, (2012) July- August, pp. 1395-1399. [21] S. Om and M. Talib, Wireless Ad-hoc Network under Black-hole Attack, International Journal of Digital Information and Wireless Communications, vol. 1, no. 3, (2011), pp. 591-596. [22] H. A. Esmaili, M. R. K. Shoja and H. gharaee, Performance Analysis of AODV under Black Hole Attack through Use of OPNET Simulator, World of Computer Science and Information Technology Journal, vol. 1, no. 2, (2011) April, pp. 493-52. Authors Eman Farag Ahmed, she graduated from Faculty of Engineering, Zagazig University, Electronics and Communications Department, in 2007. She is working as a research assistant, Department of Electrical Quantities Metrology, National Institute for Standards, Giza, Egypt. She is currently pursuing the MSc degree with the Department of Electrical 52 Copyright c 2014 SERSC

Engineering Al-Azhar University, Egypt. Her research interests are in the areas of computer networking and wireless network security. Reham Abdellatif Abouhogail, she graduated from Faculty of Engineering Ain Shams University, obtained MSc with a Master of Electronics and Communications from Cairo University, obtained Ph.D from Faculty of Engineering Ain Shams University. She is now an assistant professor in the National Institute for Standards, Giza, Egypt. She has 13 years of experience of research. Her area of research includes VLSI Design, Network Security and Wireless Networks. She has published many research papers in International journals and conferences. Ahmed Yahya, he graduated from Ain Shams University and got Ph.D. degree (1998) under the supervision of Professor Hani Fikry. He was appointed as Lecturer at Al-Azhar University 1998 and established his research group. His research interests in the area of Computer Engineering and Computer Science at Graduate levels. He was promoted to Associate Professor in 2012. Copyright c 2014 SERSC 53

54 Copyright c 2014 SERSC