Upload
darshan-rathi
View
1.519
Download
4
Tags:
Embed Size (px)
DESCRIPTION
Citation preview
DETECTION & PERVENTION OF BLACKHOLE ATTACK IN AODV PROTOCOL BASED MANET
Guided By- Mrs. Monika Dangore.
Projectees- – RANJAN MUJUMDAR – TOMY PALLISSERY– UPENDRA BANGALE– DARSHAN RATHI
Keywords1. AODV - Ad hoc On-Demand Distance Vector (AODV)
2. Blackhole
3. MANET - A mobile ad hoc network (MANET)
4. Malicious node
5. PDR – Packet delivery ratio
6. Routing protocol
7. Route Request (RREQ)
Keywords(cont..)8. Route Reply (RREP)
9. Routing Table or Routing Information Base (RIB)
10. Sequences number
Literature Survey
Sr. No
Title of Paper Year of
pub.
Conferences Idea Result Future work
1 Preventing AODV Routing Protocol from
Black Hole Attack .[1]
May 2011
International Journal of
Engineering Science and Technology
(IJEST)
Large difference between the
sequence number of
source node or intermediate node who has sent back RREP or not to find weather it is a malicious node
or not .
ThePDR
decreases, the
percentage of packets dropped increases
Intend to develop
simulation by the
performance of the proposed
solution based on the various
security parameters mean delay time, packet
overhead, memory usage,
mobility, increasing number of
malicious node, increasing number of
nodes.
Sr. No
Title of Paper Year of
pub.
Conferences Idea Result Future work
2 Black-Hole and
Wormhole Attack in RoutingProtocol AODV in
MANET[2]
Feb2012
International Journal of Computer Science,
Engineering and
Applications (IJCSEA)
Vol.2, No.1.
Watchdog Mechanism
During blackhole Counter of dropped
packets was noticed to
decreases at the node,
After watchdog method
implementation counter of successfully forwarded packets are
been done, PDR increases at an marginal rate.
Try to Improve the data security in mobile ad-hoc network.
Sr. No
Title of Paper Year of
pub.
Conferences Idea Result Future work
3 Risk Mitigation of
Black Hole Attack for
AODV Routing Protocol[3]
July-Aug. 2012
IOSR Journal of Computer Engineering
(IOSRJCE)ISSN: 2278-
0661 Volume 3, Issue 3 (July-Aug.
2012), PP 12-15
The route confirmation request
(CREQ) and route
confirmation reply
(CREP) to avoid theblack hole
attack.
Presence of malicious node is Detected and
protect the network from degradation.
PDR increases,End to end
delay decreases, throughput increases.
Try and reduces the Time delay,
much network
overheads because of
newly introduced
packets.
Sr. No
Title of Paper Year of
pub.
Conferences Idea Result Future work
4 Simulation of AODV under
Black hole Attack in
MANET [4]
Feb 2012
International Journal of Advanced
Research in Computer
Science and Software
Engineering Research
Paper
Source sends a spoof
packet to the
destinationFor
detecting malicious
node.
Packet Delivery Ratio increases,Average end to
end delivery increases.
Incase of blackhole - In
AODV the packet delivery ratio is reduced to 80%.
After prevention- There is nearly 21% increase in
PDR .
Try and increase
prevention during a
blackhole and to
improve data security.
Sr. No
Title of Paper Year of
pub.
Conferences Idea Result Future work
5 Performance Analysis of
Aodv Protocol under Black Hole Attack
[5]
Aug-2011
International Journal of
Scientific & Engineering
Research Volume 2, Issue 8 1
ISSN 2229-5518
Route discovery
packet method
The performance of the network is decreased. The
PDR and Throughput of the network
has decreased drastically.
Try to improve the performance
in later Stages.
Sr. No
Title of Paper Year of
pub.
Conferences Idea Result Future work
6 Black Hole Detection in
MANET Using AODV Routing Protocol. [6]
Jan- 2012
International Journal of
Soft Computing
and Engineering
(IJSCE)
Using promiscuous mode of the
node.
The throughput of network is decreased,
proposed algorithm
giving the good throughput
with black hole attack. End to
End delay decreases.
Propose a more feasible
solution to detect the black hole
attack.
Sr. No
Title of Paper Year of
pub.
Conferences Idea Result Future work
7 Securing and Preventing
AODV Routing Protocol from
Black Hole Attack
using Counter Algorithm[7]
July - 2012
International Journal of
Engineering Research & Technology
(IJERT)Vol. 1 Issue
5, ISSN: 2278-0181
Counteralgorithm or
prior Receive-
Reply algorithm
Significant improvement
of packetdelivery ratio (PDR) and an average End-
to-Enddelay.
Try to improve the performance
in later Stages.
Sr. No
Title of Paper
Year of pub.
Conferences Idea Result Future work
8 Discovering a Secure Path in
MANET by Avoiding
Black/Gray Holes [8]
August 2012
International Journal of
Recent Technology
and Engineering (IJRTE) ISSN: 2277-3878, Volume-1,
Issue-3
Large difference between the
sequence number of
source node or intermediate node who has sent back RREP or not to find weather it is a malicious node or not . Using
OPNET.
Increase in number of
nodes Lesser the End to End, greater the
PDR andThroughput.
Try to improve
performances with less number of
nodes.
Sr. No
Title of Paper Year of
pub.
Location Idea Result Future work
9 Detection and Prevention from Black
Hole attack in AODV
protocol for MANET.[9]
July 2012
International Journal of Computer
Applications (0975 – 8887)
Volume 50 – No.5,
Adding an IDS node to
AODV protocol.
During blackhole
attack- PDR is only 0.14%.
Used IDS_AODV in the same
network, the packet delivery
fractioned is increased up to
99 %.
Extended to other
proactive and reactive
routing protocols.
We can also extend this research to
secure routing
protocols against other attacks such
as Wormhole attack,
Jellyfish attack etc.
Ad-hoc On-Demand Distance Vector (AODV)
Routing
01001010100101011110010010100100101000101010110101010101010101010101010101010101010101010101100101001110100101010101010101010101010101010101010110101010101010101010101010101010101010101010101010101010101010101 010101101010 11110011101 100110001010101010101010 10010111100010010010101010101000001 111110011010101011101101001111101010111010011010101010100101010100101010010101010110101010000010100000101101111111010101001010100100101111110101100110010100110100100100
When/Why do we need AODV?
• Basically when there is one node that wants to communicate with another node that is not in range, it finds a route through other nodes. In the example below node 1 is not in range with node 3, so it simply talks to node 3 through node 2.
Node 1 Node 2 Node 3
How does it work?
• AODV Routing works by using Route Request Messages (RREQ) and Route Reply Messages (RREP). If a node is not in range with a node that it wants to talk to, it sends a RREQ to its neighbors. The RREQ contains source IP address and sequence number, and destination IP address and sequence number, as well as the life span of the RREQ. If a neighbor of the source doesn’t know a route to the destination, it rebroadcasts the RREQ. If a neighbor does know a route to the destination, it sends a RREP back to the source. Below, Node 1 is trying to talk to node 5.
Node 3 Node 2 Node 1 Node 4 Node 5
RREQRREQ RREQ
RREP
How does it work? continued
• As seen in the last slide, node 4 had a route to node 5, so it sent node 1 a RREP. Once node 1 receives the RREP, it notes the route to node 5 and sends the packet on that route.
• SUCCESS!!NODE 5 receivedthe packet.
Node 1 Node 4 Node 5
RREQ
RREP
Packet Packet
Node 1
Node 2
Node 3
Node 4
Node 5
RREQ
RREP
AODV Protocol
Now we can see it all in action!
Flooding for Control PacketDelivery - Example
Y
Z
B
AH
S E
C
G
I
FM
LJ
D
K N
Represents a node that has received packet P
Represents that connected nodes are within eachother’s transmission range 4-13
Flooding for Control PacketDelivery
YBroadcast transmission
Z
B
AH
S E
C
G
I
FM
LJ
D
K N
Represents a node that receives packet P forthe first time
Represents transmission of packet P4-14
Flooding for Control PacketDelivery
Y
Z
B
AH
S E
C
G
I
FM
LJ
D
K N
� Node H receives packet P from two neighbors:potential for collision
4-15
Flooding for Control PacketDelivery
Y
Z
B
AH
S E
C
G
I
FM
LJ
D
K N
� Node C receives packet P from G and H, but does not forwardit again, because node C has already forwarded packet P once
4-16
Flooding for Control packetDelivery
Y
Z
B
AH
S E
C
G
I
FM
LJ
D
K N
� Nodes J and K both broadcast packet P to node D� Since nodes J and K are hidden from each other, theirtransmissions may collide
=> Packet P may not be delivered to node D at all,despite the use of flooding 4-17
Flooding for Control PacketDelivery
Y
Z
B
AH
S E
C
G
I
FM
LJ
D
K N
� Node D does not forward packet P, because node Dis the intended destination of packet P
4-18
Flooding for Control PacketDelivery
Y
Z
B
AH
� Flooding completed
S E
C
G
I
FM
LJ
D
K N
� Nodes unreachable from S do not receive packet P (e.g., node Z)
� Nodes for which paths go through the destination Dalso do not receive packet P (example: node N) 4-19
Flooding for Control PacketDelivery
Y
Z
B
AH
S E
C
G
I
FM
LJ
D
K N
� Flooding may deliver packets to too many nodes(in the worst case, all nodes reachable from sendermay receive the packet)
4-20
• AODV is a packet routing protocol designed for use in mobile ad hoc networks (MANET)
• Intended for networks that may contain thousands of nodes
• One of a class of demand-driven protocols
• Each node maintains a routing table that contains information about reaching destination nodes.
AODV Overview
• The basic message set consists of:– RREQ – Route request– RREP – Route reply– RERR – Route error– HELLO – For link status monitoring
Overview (continued)
• RREQ Messages
– A RREQ message is broadcasted when a node needs to discover a route to a destination.
– The RREQ also contains the most recent sequence number for the destination.
– A valid destination route must have a sequence number at least as great as that contained in the RREQ.
AODV Operation – Message Types
RREQ Message
B?
B? B
?B
?
B?
B?
B?
B
A
• RREP Messages– When a RREQ reaches a destination node, the destination
route is made available by unicasting a RREP back to the source route.
– A node generates a RREP if:• It is itself the destination.• It has an active route to the destination.
– As the RREP propagates back to the source node, intermediate nodes update their routing tables (in the direction of the destination node).
AODV Operation – Message Types
RREP Message
B
A
A
A
A
A
A
A
Route Error Message: RERR are used mainly when nodes get moved
around and connections are lost. If a node receives a RERR, it deletes all routes associated with the new error. Error messages are sent when a route becomes invalid, or if it cannot communicate with one of its neighbors.
AODV Operation – Message Types
• HELLO Message:These are simple messages that nodes send at certain time intervals to all its neighbors to let them know that it is still there. If a node stops receiving hello messages from one of its neighbors, it knows that any routes through that node no longer exist.
AODV Operation – Message Types
Message routing
A
B D
FC
G
E
RREQ
RREQ
RREQ
RREQ
RREQ
RREQRREQ
RREQ
RREQ
RREP
RREP
RREP
Source
Destination
36
RREQ Format
• Type: 1
• J: Join flag (reserved for multicast); R: Repair flag (for multicast)
37
• G: Gratuitous RREP flag; indicates whether a gratuitous RREP should be unicast to the node specified in the Destination IP Address field
• Hop Count: The number of hops from the Source IP Address to the node handling the request
• Broadcast ID: A sequence number uniquely identifying the particular RREQ when taken in conjunction with the source node's IP address.
• Destination IP Address: The IP address of destination for which a route is desired.
• Destination Sequence Number: The last sequence number received in the past by the source for any route towards the destination.
• Source IP Address: The IP address of the node which originated the Route Request.
• Source Sequence Number: The current sequence number to be used for route entries pointing to (and generated by) the source of the route request.
38
RREP Format
• Lifetime: The time for which nodes receiving the RREP consider the route to be valid.
• There are two phases– Route Discovery.– Route Maintenance.
• Each node maintains a routing table with knowledge about the network.
• AODV deals with route table management.• Route information maintained even for short lived
routes – reverse pointers.
AODV Routing
• Broadcast RREQ messages.• Intermediate nodes update their routing table• Forward the RREQ if it is not the destination.• Maintain back-pointer to the originator.• Destination generates RREP message.• RREP sent back to source using the reverse
pointer set up by the intermediate nodes.• RREP reaches source, communication starts.
Discovery
• Hello messages broadcast by active nodes periodically HELLO_INTERVAL.
• No hello message from a neighbor in DELETE_PERIOD, link failure identified.
• A local route repair to that next hop initiated.• After a timeout ,error propagated both to originator
and destination.• Entries based on the node invalidated.
Maintenance
Error Messages RERR
• RERR are used mainly when nodes get moved around and connections are lost. If a node receives a RERR, it deletes all routes associated with the new error. Error messages are sent either when a message (not RREQ or RREP) is sent to a node that has no route to the destination, or when a route becomes invalid, or if it cannot communicate with one of its neighbors.
• AODV route discovery latency is high• AODV lacks an efficient route maintenance
technique• AODV lacks support for high throughput
routing metrics
Limitation of AODV protocol
It gets complicated!
• Things get much more complicated with many nodes. This is because nodes have many neighbors so RREQ get rebroadcasted a lot! That’s why sequence numbers and life spans
are so key.
45
RERR Format
• N: No delete flag; set when a node has performed a local repair of a link, and upstream nodes should not delete the route.
Second International Conference on Security in Computer Networks and Distributed Systems (snds-2014),THIRUVANANTAPURAM Conference Date March 13 -14, 2014International Conference on Communication Network and Computing(CNC),CHENNAI Conference Date: Feb 21-22, 2014
Conferences Where We Plan To Participate In
MONTHLY PROJECT MANAGEMENT
Completed To be completed Not started
#DAYS Jul Aug Sept Oct Nov Dec
LITERATURE SURVEY 165 days
LITERATURE SURVEYON MANET
15 days
LITERATURE SURVEYON AODV Protocol
23 days
LITERATURE SURVEYON BLACKHOLE ATTACKS
15 days
Study of NS-2 15 days
IMPLEMENATATION OF SIMPLE DATA TRANSMISSION PROGRAM
27 days
PAPER WRITING AND PUBLISHING IN VARIOUS CONFERENCES
70 days
Start EndToday
2013GANTT CHART
Entire Lifespan of the Project
15th Jul
Dec 2013
8th Aug.
23rd Aug
7th Sept.
14th Oct.
References.[1] Jiwen CAI, Ping YI, Jialin CHEN “Preventing AODV Routing Protocol from Black Hole Attack .”,MAY 2011 24th
IJEST.[2] Songbai Lu, Longxuan Li, Kwok-Yan, Lingyan Jia “Black-Hole and Wormhole Attack in Routing Protocol AODV
in MANET”,FEB 2012[3] “Risk Mitigation of Black Hole Attack for AODV Routing Protocol” China JULY AUG 2012, IOSR Journal of
Computer Engineering (IOSRJCE) ISSN: 2278-0661 Volume 3, Issue 3 (July-Aug. 2012), PP 12-15[4] “Simulation of AODV under Black hole Attack in MANET” International Journal of Advanced Research in
Computer Science and Software Engineering Research Paper FEB 2012[5] Weerasinghe.H. “Performance Analysis of Aodv Protocol under Black Hole Attack ”, International Journal of
Scientific & Engineering Research Volume 2, Issue 8 1 ISSN 2229-5518 AUG 2011[6] Dokurer .S, Y. M. Erten , Can Erkin Acar “Black Hole Detection in MANET Using AODV Routing Protocol.”,
International Journal of Soft Computing and Engineering (IJSCE) ,JAN 2012[7] Deng, H., Li, W. “Agrawal, D., "Securing and Preventing AODV Routing Protocol from Black Hole Attack using
Counter Algorithm” International Journal of Engineering Research & Technology (IJERT)Vol. 1 Issue 5, ISSN:2278-0181, JULY 2012
[8] K. Lakshmi1, S.Manju Priya2 A.Jeevarathinam3 K.Rama4, K.Thilagam5, Lecturer, Dept. of Computer Applications, Karpagam University, Coimbatore.” Discovering a Secure Path in MANET by Avoiding Black/Gray Holes “, International Journal of Engineering Research & Technology (IJERT)Vol. 1 Issue 5, ISSN: 2278-0181,AUG 2012
[9] Ming- Yang Su, Kun- Lin Chiang, Wei Cheng Liao. “Detection and Prevention from Black Hole attack in AODV protocol for MANET.”, International Journal of Computer Applications (0975 – 8887) Volume 50 – No.5, JULY 2012