AODV Protocol

DETECTION & PERVENTION OF BLACKHOLE ATTACK IN AODV PROTOCOL BASED MANET

Guided By- Mrs. Monika Dangore.

Projectees- – RANJAN MUJUMDAR – TOMY PALLISSERY– UPENDRA BANGALE– DARSHAN RATHI

Keywords1. AODV - Ad hoc On-Demand Distance Vector (AODV)

2. Blackhole

3. MANET - A mobile ad hoc network (MANET)

4. Malicious node

5. PDR – Packet delivery ratio

6. Routing protocol

7. Route Request (RREQ)

Keywords(cont..)8. Route Reply (RREP)

9. Routing Table or Routing Information Base (RIB)

10. Sequences number

Literature Survey

Sr. No

Title of Paper Year of

pub.

Conferences Idea Result Future work

1 Preventing AODV Routing Protocol from

Black Hole Attack .[1]

May 2011

International Journal of

Engineering Science and Technology

(IJEST)

Large difference between the

sequence number of

source node or intermediate node who has sent back RREP or not to find weather it is a malicious node

or not .

ThePDR

decreases, the

percentage of packets dropped increases

Intend to develop

simulation by the

performance of the proposed

solution based on the various

security parameters mean delay time, packet

overhead, memory usage,

mobility, increasing number of

malicious node, increasing number of

nodes.

Sr. No


pub.


2 Black-Hole and

Wormhole Attack in RoutingProtocol AODV in

MANET[2]

Feb2012

International Journal of Computer Science,

Engineering and

Applications (IJCSEA)

Vol.2, No.1.

Watchdog Mechanism

During blackhole Counter of dropped

packets was noticed to

decreases at the node,

After watchdog method

implementation counter of successfully forwarded packets are

been done, PDR increases at an marginal rate.

Try to Improve the data security in mobile ad-hoc network.

Sr. No


pub.


3 Risk Mitigation of

Black Hole Attack for

AODV Routing Protocol[3]

July-Aug. 2012

IOSR Journal of Computer Engineering

(IOSRJCE)ISSN: 2278-

0661 Volume 3, Issue 3 (July-Aug.

2012), PP 12-15

The route confirmation request

(CREQ) and route

confirmation reply

(CREP) to avoid theblack hole

attack.

Presence of malicious node is Detected and

protect the network from degradation.

PDR increases,End to end

delay decreases, throughput increases.

Try and reduces the Time delay,

much network

overheads because of

newly introduced

packets.

Sr. No


pub.


4 Simulation of AODV under

Black hole Attack in

MANET [4]

Feb 2012

International Journal of Advanced

Research in Computer

Science and Software

Engineering Research

Paper

Source sends a spoof

packet to the

destinationFor

detecting malicious

node.

Packet Delivery Ratio increases,Average end to

end delivery increases.

Incase of blackhole - In

AODV the packet delivery ratio is reduced to 80%.

After prevention- There is nearly 21% increase in

PDR .

Try and increase

prevention during a

blackhole and to

improve data security.

Sr. No


pub.


5 Performance Analysis of

Aodv Protocol under Black Hole Attack

[5]

Aug-2011


Scientific & Engineering

Research Volume 2, Issue 8 1

ISSN 2229-5518

Route discovery

packet method

The performance of the network is decreased. The

PDR and Throughput of the network

has decreased drastically.

Try to improve the performance

in later Stages.

Sr. No


pub.


6 Black Hole Detection in

MANET Using AODV Routing Protocol. [6]

Jan- 2012


Soft Computing

and Engineering

(IJSCE)

Using promiscuous mode of the

node.

The throughput of network is decreased,

proposed algorithm

giving the good throughput

with black hole attack. End to

End delay decreases.

Propose a more feasible

solution to detect the black hole

attack.

Sr. No


pub.


7 Securing and Preventing

AODV Routing Protocol from

Black Hole Attack

using Counter Algorithm[7]

July - 2012


Engineering Research & Technology

(IJERT)Vol. 1 Issue

5, ISSN: 2278-0181

Counteralgorithm or

prior Receive-

Reply algorithm

Significant improvement

of packetdelivery ratio (PDR) and an average End-

to-Enddelay.

Try to improve the performance

in later Stages.

Sr. No

Title of Paper

Year of pub.


8 Discovering a Secure Path in

MANET by Avoiding

Black/Gray Holes [8]

August 2012


Recent Technology

and Engineering (IJRTE) ISSN: 2277-3878, Volume-1,

Issue-3

Large difference between the

sequence number of

source node or intermediate node who has sent back RREP or not to find weather it is a malicious node or not . Using

OPNET.

Increase in number of

nodes Lesser the End to End, greater the

PDR andThroughput.

Try to improve

performances with less number of

nodes.

Sr. No


pub.

Location Idea Result Future work

9 Detection and Prevention from Black

Hole attack in AODV

protocol for MANET.[9]

July 2012

International Journal of Computer

Applications (0975 – 8887)

Volume 50 – No.5,

Adding an IDS node to

AODV protocol.

During blackhole

attack- PDR is only 0.14%.

Used IDS_AODV in the same

network, the packet delivery

fractioned is increased up to

99 %.

Extended to other

proactive and reactive

routing protocols.

We can also extend this research to

secure routing

protocols against other attacks such

as Wormhole attack,

Jellyfish attack etc.

Ad-hoc On-Demand Distance Vector (AODV)

Routing

01001010100101011110010010100100101000101010110101010101010101010101010101010101010101010101100101001110100101010101010101010101010101010101010110101010101010101010101010101010101010101010101010101010101010101 010101101010 11110011101 100110001010101010101010 10010111100010010010101010101000001 111110011010101011101101001111101010111010011010101010100101010100101010010101010110101010000010100000101101111111010101001010100100101111110101100110010100110100100100

When/Why do we need AODV?

• Basically when there is one node that wants to communicate with another node that is not in range, it finds a route through other nodes. In the example below node 1 is not in range with node 3, so it simply talks to node 3 through node 2.

Node 1 Node 2 Node 3

How does it work?

• AODV Routing works by using Route Request Messages (RREQ) and Route Reply Messages (RREP). If a node is not in range with a node that it wants to talk to, it sends a RREQ to its neighbors. The RREQ contains source IP address and sequence number, and destination IP address and sequence number, as well as the life span of the RREQ. If a neighbor of the source doesn’t know a route to the destination, it rebroadcasts the RREQ. If a neighbor does know a route to the destination, it sends a RREP back to the source. Below, Node 1 is trying to talk to node 5.

Node 3 Node 2 Node 1 Node 4 Node 5

RREQRREQ RREQ

RREP

How does it work? continued

• As seen in the last slide, node 4 had a route to node 5, so it sent node 1 a RREP. Once node 1 receives the RREP, it notes the route to node 5 and sends the packet on that route.

• SUCCESS!!NODE 5 receivedthe packet.

Node 1 Node 4 Node 5

RREQ

RREP

Packet Packet

Node 1

Node 2

Node 3

Node 4

Node 5

RREQ

RREP

AODV Protocol

Now we can see it all in action!

Flooding for Control PacketDelivery - Example

Y

Z

B

AH

S E

C

G

I

FM

LJ

D

K N

Represents a node that has received packet P

Represents that connected nodes are within eachother’s transmission range 4-13

Flooding for Control PacketDelivery

YBroadcast transmission

Z

B

AH

S E

C

G

I

FM

LJ

D

K N

Represents a node that receives packet P forthe first time

Represents transmission of packet P4-14


Y

Z

B

AH

S E

C

G

I

FM

LJ

D

K N

� Node H receives packet P from two neighbors:potential for collision

4-15


Y

Z

B

AH

S E

C

G

I

FM

LJ

D

K N

� Node C receives packet P from G and H, but does not forwardit again, because node C has already forwarded packet P once

4-16

Flooding for Control packetDelivery

Y

Z

B

AH

S E

C

G

I

FM

LJ

D

K N

� Nodes J and K both broadcast packet P to node D� Since nodes J and K are hidden from each other, theirtransmissions may collide

=> Packet P may not be delivered to node D at all,despite the use of flooding 4-17


Y

Z

B

AH

S E

C

G

I

FM

LJ

D

K N

� Node D does not forward packet P, because node Dis the intended destination of packet P

4-18


Y

Z

B

AH

� Flooding completed

S E

C

G

I

FM

LJ

D

K N

� Nodes unreachable from S do not receive packet P (e.g., node Z)

� Nodes for which paths go through the destination Dalso do not receive packet P (example: node N) 4-19


Y

Z

B

AH

S E

C

G

I

FM

LJ

D

K N

� Flooding may deliver packets to too many nodes(in the worst case, all nodes reachable from sendermay receive the packet)

4-20

• AODV is a packet routing protocol designed for use in mobile ad hoc networks (MANET)

• Intended for networks that may contain thousands of nodes

• One of a class of demand-driven protocols

• Each node maintains a routing table that contains information about reaching destination nodes.

AODV Overview

• The basic message set consists of:– RREQ – Route request– RREP – Route reply– RERR – Route error– HELLO – For link status monitoring

Overview (continued)

• RREQ Messages

– A RREQ message is broadcasted when a node needs to discover a route to a destination.

– The RREQ also contains the most recent sequence number for the destination.

– A valid destination route must have a sequence number at least as great as that contained in the RREQ.

AODV Operation – Message Types

RREQ Message

B?

B? B

?B

?

B?

B?

B?

B

A

• RREP Messages– When a RREQ reaches a destination node, the destination

route is made available by unicasting a RREP back to the source route.

– A node generates a RREP if:• It is itself the destination.• It has an active route to the destination.

– As the RREP propagates back to the source node, intermediate nodes update their routing tables (in the direction of the destination node).


RREP Message

B

A

A

A

A

A

A

A

Route Error Message: RERR are used mainly when nodes get moved

around and connections are lost. If a node receives a RERR, it deletes all routes associated with the new error. Error messages are sent when a route becomes invalid, or if it cannot communicate with one of its neighbors.


• HELLO Message:These are simple messages that nodes send at certain time intervals to all its neighbors to let them know that it is still there. If a node stops receiving hello messages from one of its neighbors, it knows that any routes through that node no longer exist.


Message routing

A

B D

FC

G

E

RREQ

RREQ

RREQ

RREQ

RREQ

RREQRREQ

RREQ

RREQ

RREP

RREP

RREP

Source

Destination

36

RREQ Format

• Type: 1

• J: Join flag (reserved for multicast); R: Repair flag (for multicast)

37

• G: Gratuitous RREP flag; indicates whether a gratuitous RREP should be unicast to the node specified in the Destination IP Address field

• Hop Count: The number of hops from the Source IP Address to the node handling the request

• Broadcast ID: A sequence number uniquely identifying the particular RREQ when taken in conjunction with the source node's IP address.

• Destination IP Address: The IP address of destination for which a route is desired.

• Destination Sequence Number: The last sequence number received in the past by the source for any route towards the destination.

• Source IP Address: The IP address of the node which originated the Route Request.

• Source Sequence Number: The current sequence number to be used for route entries pointing to (and generated by) the source of the route request.

38

RREP Format

• Lifetime: The time for which nodes receiving the RREP consider the route to be valid.

• There are two phases– Route Discovery.– Route Maintenance.

• Each node maintains a routing table with knowledge about the network.

• AODV deals with route table management.• Route information maintained even for short lived

routes – reverse pointers.

AODV Routing

• Broadcast RREQ messages.• Intermediate nodes update their routing table• Forward the RREQ if it is not the destination.• Maintain back-pointer to the originator.• Destination generates RREP message.• RREP sent back to source using the reverse

pointer set up by the intermediate nodes.• RREP reaches source, communication starts.

Discovery

• Hello messages broadcast by active nodes periodically HELLO_INTERVAL.

• No hello message from a neighbor in DELETE_PERIOD, link failure identified.

• A local route repair to that next hop initiated.• After a timeout ,error propagated both to originator

and destination.• Entries based on the node invalidated.

Maintenance

Error Messages RERR

• RERR are used mainly when nodes get moved around and connections are lost. If a node receives a RERR, it deletes all routes associated with the new error. Error messages are sent either when a message (not RREQ or RREP) is sent to a node that has no route to the destination, or when a route becomes invalid, or if it cannot communicate with one of its neighbors.

• AODV route discovery latency is high• AODV lacks an efficient route maintenance

technique• AODV lacks support for high throughput

routing metrics

Limitation of AODV protocol

It gets complicated!

• Things get much more complicated with many nodes. This is because nodes have many neighbors so RREQ get rebroadcasted a lot! That’s why sequence numbers and life spans

are so key.

45

RERR Format

• N: No delete flag; set when a node has performed a local repair of a link, and upstream nodes should not delete the route.

Second International Conference on Security in Computer Networks and Distributed Systems (snds-2014),THIRUVANANTAPURAM Conference Date March 13 -14, 2014International Conference on Communication Network and Computing(CNC),CHENNAI Conference Date: Feb 21-22, 2014

Conferences Where We Plan To Participate In

MONTHLY PROJECT MANAGEMENT

Completed To be completed Not started

#DAYS Jul Aug Sept Oct Nov Dec

LITERATURE SURVEY 165 days

LITERATURE SURVEYON MANET

15 days

LITERATURE SURVEYON AODV Protocol

23 days

LITERATURE SURVEYON BLACKHOLE ATTACKS

15 days

Study of NS-2 15 days

IMPLEMENATATION OF SIMPLE DATA TRANSMISSION PROGRAM

27 days

PAPER WRITING AND PUBLISHING IN VARIOUS CONFERENCES

70 days

Start EndToday

2013GANTT CHART

Entire Lifespan of the Project

15th Jul

Dec 2013

8th Aug.

23rd Aug

7th Sept.

14th Oct.

References.[1] Jiwen CAI, Ping YI, Jialin CHEN “Preventing AODV Routing Protocol from Black Hole Attack .”,MAY 2011 24th

IJEST.[2] Songbai Lu, Longxuan Li, Kwok-Yan, Lingyan Jia “Black-Hole and Wormhole Attack in Routing Protocol AODV

in MANET”,FEB 2012[3] “Risk Mitigation of Black Hole Attack for AODV Routing Protocol” China JULY AUG 2012, IOSR Journal of

Computer Engineering (IOSRJCE) ISSN: 2278-0661 Volume 3, Issue 3 (July-Aug. 2012), PP 12-15[4] “Simulation of AODV under Black hole Attack in MANET” International Journal of Advanced Research in

Computer Science and Software Engineering Research Paper FEB 2012[5] Weerasinghe.H. “Performance Analysis of Aodv Protocol under Black Hole Attack ”, International Journal of

Scientific & Engineering Research Volume 2, Issue 8 1 ISSN 2229-5518 AUG 2011[6] Dokurer .S, Y. M. Erten , Can Erkin Acar “Black Hole Detection in MANET Using AODV Routing Protocol.”,

International Journal of Soft Computing and Engineering (IJSCE) ,JAN 2012[7] Deng, H., Li, W. “Agrawal, D., "Securing and Preventing AODV Routing Protocol from Black Hole Attack using

Counter Algorithm” International Journal of Engineering Research & Technology (IJERT)Vol. 1 Issue 5, ISSN:2278-0181, JULY 2012

[8] K. Lakshmi1, S.Manju Priya2 A.Jeevarathinam3 K.Rama4, K.Thilagam5, Lecturer, Dept. of Computer Applications, Karpagam University, Coimbatore.” Discovering a Secure Path in MANET by Avoiding Black/Gray Holes “, International Journal of Engineering Research & Technology (IJERT)Vol. 1 Issue 5, ISSN: 2278-0181,AUG 2012

[9] Ming- Yang Su, Kun- Lin Chiang, Wei Cheng Liao. “Detection and Prevention from Black Hole attack in AODV protocol for MANET.”, International Journal of Computer Applications (0975 – 8887) Volume 50 – No.5, JULY 2012

Education

AODV Protocol