Impact of Black Hole Attack on AODV Routing Protocol

_____________

Impact of Black Hole Attack on AODV Routing Protocol 1 Priyanka Malhotra, 2 Amit Chaudhary

I. INTRODUCTION
Mobile Adhoc networks (MANETs) [1] are usually formed by a group of mobile nodes interconnected via wireless links, which agree to cooperate and forward each other's packets.One of the basic assumptions for the design of routing protocols in MANETs is that every node is honest and cooperative.If a node claims, it has path to a certain node, the claim is trusted; similarly, if a node reports a broken link, the link will no longer be used.They can form arbitrary topologies depending on their connectivity with each other in the network.The nodes have the ability to configure themselves and because of their self configuration ability, they can be deployed urgently without the need of any infrastructure.The MANETs work without a centralized administration where the nodes communicate with each other on the basis of mutual trust.This characteristic makes MANETs more vulnerable to be exploited by an attacker inside the network.Wireless links also makes the MANETs more susceptible to attacks, which make it easier for the attacker to go inside the network and get access to the ongoing communication.Mobile nodes present within the range of wireless link can overhear and even participate in the network.
Security in MANETs is the most important concern for the functionality of network.The availability of network services, confidentiality and integrity of the data can be achieved by assuring that security issues have been met.MANETs suffer from security attacks because of its features like open medium, dynamically changing topology, no central monitoring and management, cooperative algorithms and no defence mechanism.This assumption introduces vulnerability to several types of denial of service (DoS) attacks [5], particularly packet dropping attack.Adversary can easily join the network and drop routing packets passing through it that are expected to be relayed in order to disrupt the regular communications.Consequently, all the routes passing through this node fail to establish a correct routing path between the source and destination nodes.

A. Wireless Medium
Wireless medium is free to access by everyone and it's prone to bit errors or interfacing problem.

B. Lack of Centralized Management
There is no central authority to monitor the traffic in a highly dynamic and large scale ad-hoc network and that makes the detection of attacks difficult

C. Resource Availability
An attacker can easily become an important routing agent and disrupt the network operation by disobeying the protocol specifications as a Mobile Adhoc network is based on cooperative environments.

IJEDR1403039
International Journal of Engineering Development and Research (www.ijedr.org)

D. Infrastructure Less
There are no specific infrastructures for addressing, key distribution, certificates etc.

E. Scalability
The protocols and services that are applied to the adhoc network should be compatible to the continuously changing scale of the adhoc network.

F. Dynamic topology
Dynamic topology may violate the trust relationship among the nodes.

G.. Restricted power supply
Node in mobile ad-hoc network can behave in a selfish manner when there is consumption of battery to support some functions in the network.

H. Bandwidth constraint
Cooperation based security solutions must consider the bandwidth limitation associated with links.

I. Multi hop Routing
As the nodes are dependent on each other for routing, adversaries can generate fabricated routes to create routing loops, false routes etc.

III. SECURITY ATTACKS IN MANET
The attacks can be categorized on the basis of the source of the attacks i.e.Internal or External, and on the behaviour of the attack i.e.Passive or Active attack.

A. Internal attacks
These types of attacks have a direct impact on the nodes that are working in a network.Internal attacks may broadcast wrong type of information to other nodes.These types of attacks are more difficult to be handled as compared to external attacks as internal attacks are initiated by the authorized nodes in the networks, and might come from both compromised and misbehaving nodes.

B. External attacks
External attacks are carried out by nodes that do not belong to the domain of the network.Unlike internal attacks external attacks are mainly due to the nodes outside the networks who want to get access to the network and once they get access to the network they start sending bogus packets, denial of service in order to disrupt the performance of the whole network.These attacks usually aim to cause network congestion, denying access to specific network function or to disrupt the whole network operations.

C. Black Hole Attack in MANET'S
Black hole attack is a kind of Denial of Service (DoS) attacks in MANET.In this attack, a malicious node waits the Route Request message (RREQ) from the neighbour nodes.When it receives the RREQ message, it sends immediately a false RREP with high sequence number to the source node.The source node assumes that the route is fresh route.However, when the source node sends the data packet to the destination node by using this route, the malicious node does not relay the packet and absorbs all data packet.This is called as black hole attack.In the case of multiple malicious nodes that work together with cooperatively, the effect will be more.This type of attack is known as cooperative black hole attack.

IV. MATERIAL & METHODS
Our work is to analyze the impact of Black hole attack Attack in AODV routing protocol based on throughput, packet delivery ratio and end to end delay.We analyzed the Black Hole attack with different scenarios of the network by varying the number of Black hole nodes by keeping the total number of nodes fixed to analyze the performance of the network with AODV routing protocol without attack and under the attack.

A. Parameters Throughput
The average rate at which the total number of data packet is delivered successfully from one node to another over a communication network is known as throughput.The result is found as per KB/Sec.It is calculated by Throughput= (number of delivered packet * packet size) / total duration of simulation.

Packet delivery Ratio
This is the ratio of total number of packets successfully received by the destination nodes to the number of packets sent by the source nodes throughout the simulation.

End-to-End delay
It refers to the time taken for a packet to be transmitted across a network from source to destination.This metric includes all possible delay that may be caused by buffering during route discovery, queuing at the interface queue, retransmission delay at the MAC layer, propagation and transfer time.It is defined as the time taken for a data packet to be transmitted across a MANET from source to destination.The simulation work is done by using the NS-2 simulator.

B. Network Simulator (NS-2)
Network simulator (NS-2) is an open source, discrete event simulation tool.It provides support for simulation of routing, multicast protocols and IP protocols over wired, wireless and satellite networks.It can generate graphical details of network traffic through the NAM.It is written in the C++ programming language with the Object Tool Common Language (OTcl) as the front-end interpreter.For this dissertation NS-2(version NS-2.33) was chosen as a network simulator.

NS-2 Structure
To simulate the network, user has to program with OTcl script language to initiate an event scheduler and set up the network topology using the network objects and tell traffic sources when to start and stop transmitting packets through the event scheduler.OTcl script is executed by NS-2.

NAM
The Network Animator NAM is a graphic tool used with NS-2.It requires a nam-trace file recorded during the simulation and will then show a visual representation of the simulation.

Agents
Agents are defined as the endpoints where packets are created and consumed.The agents are all connected to their parent class, simply named Agent.This is where their general behavior is set and the offspring classes are based on some alterations to the inherent functions in the parent class.The modified functions will overwrite the old and thereby change the performance in order to simulate the desired protocol.

X-Graph
One part of the NS-allinone package is 'xgraph', a plotting program which can be used to create graphic representations of simulation results.

C. Performance Analysis
To investigate the effects of blackhole and flooding attack in AODV routing protocol, we have simulated the scenarios of MANET with and without black hole nodes and the flooding nodes.To test the protocol, we used simulations of a network with 20 nodes with and without the black hole attack.We have conducted four scenarios of the network with AODV routing protocol by increasing the numbers of black hole nodes firstly two then four and finally six.We then compared the results of these simulations under various scenarios.

V. RESULTS & DISCUSSIONS
We compared the results of these simulations to understand the network and node behaviours.The results of the simulation show that the packet loss in the network increases with increase in number of attacker nodes.This is due to increased congestion in the routes towards the attacker nodes.Mobile Ad hoc networks may also experience packet loss due to parameters employed.In our four simulations of network, we noticed that the variation of data loss due to network parameters such as the distribution of the nodes changed.

A. Throughput
The average rate at which the total number of data packet is delivered successfully from one node to another over a communication network is known as throughput.The result is found as per KB/Sec.It is calculated by Throughput= (number of delivered packet * packet size) / total duration of simulation It is obvious that the throughput for AODV is some time high and sometimes low.The malicious node discards the data rather than forwarding it to the destination, thus effecting throughput.The results of the simulation show that the throughput in the network with a Blackhole node decreases by increasing the number of blackhole nodes in the network.It is obvious that the throughput for the case with AODV, without attack, is higher than the throughput of AODV under attack as also shown in figure 1.The throughput keeps on decreasing as the numbers of malicious nodes are increased in the network keeping the total number of nodes constant in each scenario.This is because of the fewer routing forwarding and routing traffic.Here the malicious node discards the data rather than forwarding it to the destination, thus effecting throughput.
As throughput is the ratio of the total data received from source to the time it takes till the receiver receives the last packet.A lower delay translates into higher throughput.The overall low throughput of AODV is due to route reply.As the malicious node immediately sends its route reply and the data is sent to the malicious node which discard all the data.The network throughput is much lower.

B. Packet delivery Ratio (PDR)
This is the ratio of total number of packets successfully received by the destination nodes to the number of packets sent by the source nodes throughout the simulation.The results of the simulation show that the number of packets successfully delivered in the network with a Black hole node decreases by increasing the number of black hole nodes in the network.This is due to increase in the probability that more number of packets that pass through the black hole node increases with increase in the number of the black hole node.The malicious node discards the data rather than forwarding it to the destination.As such nodes are increased in the network more and more packets are discarded thus affecting the delivery ratio of the network.

C. End to End Delay (E2E delay)
End-to-end delay refers to the time taken for a packet to be transmitted across a network from source to destination.This metric includes all possible delay that may be caused by buffering during route discovery, queuing at the interface queue, retransmission delay at the MAC layer, propagation and transfer time.It is defined as the time taken for a data packet to be transmitted across a MANET from source to destination.The results of the simulation show that the end to end delay keeps on increasing as the number of attacker nodes are increased in the network.The attacker nodes present in the network drop the packets and hence a retransmission is required.As such nodes are increased in the network the probability of the packet being getting dropped also increases thus more and more retransmissions are required and thus increasing the overall end to end delay with the increase in attacker nodes.

VI. CONCLUSIONS
The future of ad-hoc networks is really appealing, giving the vision of -anytime, anywhere and cheap communications.Before those imagined scenarios come true, huge amount of work is to be done in both research and implementation.We tried to discover and analyze the impact of Black Hole attack in MANETs using AODV routing protocol by generating the traffic using the CBR, the same needs to be tested for the other ways of generating traffic i.e. exponential or the Poisson.There is a need to analyze Black Hole attack in other MANETs routing protocols such as DSR, TORA and GRP.Other types of attacks such as Wormhole, Jellyfish and Sybil attacks are needed to be studied in comparison with Black Hole attack.They can be categorized on the basis of how much they affect the performance of the network.Although many solutions have been proposed but still these solutions are not perfect in terms of effectiveness and efficiency.If any solution works well in the presence of one attack, it cannot be applicable in case of other attacks.The detection of the Black Hole attack as well as the elimination strategy for such behaviour has to be carried out for further research.
Mobile Ad Hoc Networks (MANETs) is a collection of wireless mobile nodes connected by wireless links forming a temporary network without the aid of any infrastructure or any centralized administration.The nodes communicate with each other on the basis of mutual trust.These nodes can act as host/router or both at the same time.They can form arbitrary topologies depending on their connectivity with each other in the network.This characteristic makes MANETs more vulnerable to be exploited by an attacker inside the network.Wireless links also makes the MANETs more susceptible to attacks, which make it easier for the attacker to go inside the network and get access to the ongoing communication.Owing to its mobility and broadcast nature MANETs are particularly vulnerable to attacks over traditional wired networks finally makes them susceptible to various active and passive attacks because of its limited physical security, dynamically changing network topology, energy constrained operations and lack of centralized administration.MANETs often suffer from security attacks because of its features like open medium, lack of central monitoring and management, cooperative algorithms and no clear defense mechanism.In particular, black hole attacks can be easily deployed into the MANETs by the adversary.Our objective is to thoroughly capture and analyze the impact of Black Hole attacks on MANET performance using reactive (AODV) routing protocol with varying number of Black Hole nodes in the MANET.We have used Performance Metrics i.e.Throughput, Packet delivery Ratio, Packet Drop ratio to analyze the impact of Black hole attack on AODV Routing Protocol in MANET using the NS-2 simulator.

Fig 1
Fig 1 Throughput for AODV Protocol with and without Black Hole Node

Fig 2
Fig 2 Packet Delivery Ratio for AODV Protocol with and without Black Hole Node

Fig 3
Fig 3 End to End Delay for AODV Protocol with and without Black Hole Node