Professional Documents
Culture Documents
By
Sheraz Salim
Student ID 20388626
Presented to Faculty of
In Partial Fulfilment
Of the Requirements
Finally, I would like to dedicate this thesis to my parents, brother and sister. Without
their support it wasn’t possible to complete this project.
The scope of this project is to study the effects of Pulse Jammer attack and Misbehavior
nodes using Proactive routing protocol i.e. Optimized Link State Routing Protocol (OLSR),
Reactive routing protocol Ad Hoc On Demand Distance Vector (AODV) and Geographical
Routing Protocol (GRP). The impact of attack on MANET performance is evaluated finding
out which protocol is more vulnerable to these attacks. The measurements were taken in light
of throughput, network load, delay and packet delivery ratio. The simulation work is done in
Optimized Network Engineering Tool (OPNET).
CHAPTER NO 1
Introduction
The advent of wireless technology is one of the biggest breakthroughs of modern technology.
This technology enables the users to utilize the freedom of movement and the use of the
equipment while on the move. Initially the use of wireless technology was restricted for the
military purposes to provide cutting edge to the defence forces. However, during the 1980s
Wireless network provide connectivity between end nodes i.e. PDA, Notebooks, Mobile
phones etc, without the use of wires. The transmission occurs on electromagnetic waves,
know as radio waves. Wireless network can be combination of switches, routers and hosts
without any wired connected to each other, they must functional wirelessly. A router is
responsible for packet forwarding in the network and host are source or destination of the
data flow. Wireless network giving edge compare to traditional networks as there is no
physical cable required for data transfer. Wireless communication gives a freedom to host to
move freely in wireless communication zone network. To accompany this freedom wireless
communication relay on channel know as radio frequency RF, Wireless nodes are attached
with a centralized fixed network such as Access Point (AP). The Access Point (AP) acts as a
middle man between the wireless nodes, as wireless nodes are on the move from one place to
another AP keeps them connected to a wireless network. The existence of these networks is
not feasible as fixed network also know as infrastructure is limited support to the adaptability
of wireless network. Therefore this technology is not reliable where no fixed infrastructure is
present like rural areas.
In recent advancement technologies such as Bluetooth and IEEE 802.11 launched a paradigm
of wireless system called as Mobile Ad hoc Networks (MANET). The speciality of this
technology is that it could be managed even in lack of fixed infrastructure. This technology is
efficient, effective, quick, and easy to deploy. MANET consists of independent mobile nodes
While Mobile Ad hoc network have many advantages over the traditional wired network, but
when it come to security it pose a immense set of threats. Firstly Mobile Ad hoc network face
the threat of secure communication in wireless medium. The MANET connectivity poses a
great threat to radio frequency in fallowing ways; [2]
Secondly, nodes having no security on the network may face threats from active attack as
impersonation to passive attacks as eavesdropping which lead network to deceased and
degrade the performance and resources. Vulnerable malicious node attempts to intercept the
Aim of thesis
It is try to provide as much as information in regards of malicious node, the techniques,
methodology and tools which are assume as attacker approach to harm or hijack the network
resources in light of few attacks that are analysed on OPNET Modeler 14.5, We believe
implementing few number of attacks on MANET with having enough knowledge of the
attack as prospective of attacker thinking, can help to investigate the weakness of the network
and have better understanding to secure the network.
CHAPTER NO 2
2.1 Physical Layer Attacks
Physical layer is the lowest layer of OSI reference model. This is commonly shortened as
“PHY”. The physical layer has a priority compare to other layer of OSI/ISO reference model
As many attacks are executed and widely discussed in literature on wireless network, thus
physical layer is one of important layers of OSI reference model to secure in order to protect
the radio signal from many malicious attacks that can launch attack on this layer. Launching
attacks on physical layers are Jamming transmission, interference, eavesdropping is mostly
applied and in common practice on this layer. Attacker goal is to weak the strength of radio
signal but also jamming the transmission to bring the network resources down.
Jammer Attack
Jammer attack is commonly used to wipe out the transmission on the target wireless
networks. Jammer attack responsibility is to stop nodes from sending and receiving packets
on network. Jammer function on physical layer to generate the packet at a high constant rate
on wireless medium to keep the medium busy, consequently node on network can’t access
the wireless medium due to the noise jammer created in wireless medium. In this attack, the
malicious node hire a device called Jammer which is use to observing the wireless radio
frequency, until attacker match the frequency at receiving node receiving the signal from the
sender in the network. Attacker matches the frequency with the help of Jammer frequency
device of the targeted networks and transmits radio signals with generating a continuous high
radio frequency (RF) it is powerful signal that overwhelmed within the range of network
transmission. Subsequently messages are lost due to high noise in the spectrum. Jammer
attacks are considered as brutal force attack. Jammer attacks can be classified as constant
jammer, deceptive jammer and random jammer.
Eavesdropping Attack
Eavesdropping attack is the process of gathering information by snooping on transmitted data
on legitimate network. Eavesdrop secretly overhear the transmission. However, the
information remains intact but privacy is compromised. This attack is much easier for
malicious node to carry on as evaluate to wired network. Eavesdropping attack in MANET
shared the wireless medium, as wireless medium make it more vulnerable for MANET
malicious nodes can intercept the shared wireless medium by using promiscuous mode which
allow a network device to intercept and read each network packet that arrives. The attacker
node intercepts the transmission as every MANET node is equipped with transceiver in range
of the communication which can be decode by means of malicious node to target the
authorized node on the network, malicious node can obtain the sensitive information etc,
modify the routing route or poison the routing table. This can seriously harm the network
resource and degrade the network performance. There are number of hardware tools that
allow promiscuous mode, such as Prisme2 network card with using eavesdropping and high
power antenna to intercepting wireless traffic.
BUSYRTS BUSY
CTS
• Addressing
• Encapsulation
• Routing
• De-capsulation
The network layer in MANET uses ad hoc routing and does packet forwarding. In MANET
nodes act as host and router. Therefore router discovery and router maintains in the MANET
is effectively concern. Thus attacking on MANET routing protocol not only disrupt the
communication on the network even worst it paralyzed the whole communication all over the
network. Therefore, a security in network layer plays a vital role to ensure the secure data
communication in the network. To evaluate the security threats in network layers, threats in
network layer are classified as:
• Routing protocols
• Attacks on network layer.
Many routing protocols have been proposed in MANET. The aims of these routing protocols
are to provide a reliable and secure communication and remove fault in existing protocols.
The examples of different varieties of table driven protocols are given below:
S X D
S X M D
Yang proposed that two kind of attack fall in network layer, routing attacks and packet
forwarding attacks. [8]
Routing attacks
There are different numbers of attacks in MANET routing that can be launch against the
legitimate network by employing malicious nodes. The purpose of these attacks is to spoil the
current routing tables that has been built up by intermediate nodes and which are handling
smoothly around the network topologies. Following are the few of them which are commonly
launched to trigger the routing protocols.
First black hole malicious node advertises itself having a valid fresh routing paths etc.
shortest and stable path to the destination node. Secondly, once black hole node attract the
traffic toward itself and when the flow of traffic come to node its start dropping the
forwarding packet and do not forward the packet as result all packet through malicious node
is lost. As shown in the figure 2.3 [11]
Wormhole Attack
Wormhole attack is similar to black hole attack both attack share the similar phenomena, only
the difference in wormhole work with a collision with other nodes. The goal of wormhole
attack is to affect the MANET routing protocols etc AODV and DSR route discovery. First
attack record the packet at one location and tunnels it to another location by employing the
techniques using wired network or using an off link wireless channel at different radio
frequency. The tunnel between these two colluding is called wormhole.
B C
M
A
E
D
RREQ A, B, C, D, E Node
Data
X X
A I
1 2
Attacker1 Attacker 2
S D
Target
B C E F G
RREQ
RREP
Wireless link
Wormhole link
Jellyfish attack
Jellyfish attack is much similar to black hole attack, Jellyfish attack use the same techniques
as black hole does. Jellyfish first invade on the forwarding packet once it get hold of the
packet it start delaying the data packet for a certain amount of time before forwarding them.
By doing this network performance significantly end to end delay and delay jitter occurred.
In jellyfish attack malicious node send/receive route request and route reply normally. The
main mechanism of jellyfish is to delay packet without any reason. [15]
Byzantine attack
These are vulnerable Byzantine attacks as set of few or numerous node work as cooperation
to launched the attack against the target network. The compromised intermediate nodes or set
of nodes worked as collusion to form an attack. The compromised nodes create routing loops
and may drop packets. Byzantine attacks are hard to detect.
Packet Replication
In this attack malicious node generate the replicates stale packets and start sending it to a
trigger network, in result the nodes on the network get overload of these packets and it will
consume the bandwidth of the network and start consuming the battery of the nodes as well.
Rushing attack
The authorized node in on-demand routing protocol require a RREQ packet in attempt to find
a path to destination. When a malicious node receives a RREQ packet from a source node it
rapidly broadcast it throughout the network topology before the other nodes on the network
topology receives RREQ packets. When nodes on the network received the original packet
they assume those packet are duplicate as they already received the packet form the malicious
node and discard the original pack
Replaying acknowledgement
Replaying attacks are more vulnerable than any other attack on transport layer. The MANET
transport layer protocols TCP- Reno are vulnerable as the function of this protocol is to
acknowledgement of the same segment multiple times signify negative acknowledgment.
Malicious attack
In this attack a malicious node attack on the operation system (OS) of the other host node on
the network. Malicious node sent a Malware or Trojan virus in to a victim node. These
attacks are severe and cause victim node to stop using the network resources. Malicious code
attacks are a vulnerable programme that attack on host nodes. Trojan virus infects the
operation system however Malware code copy itself on the network and keep spreading
around the network. the aim of these attack are to constrain itself on the network and
whenever a new nodes get IP access it start itself on the operation system on the node without
giving any notice to node. These attacks mostly seek the specific information on the
legitimate node and sent information to malicious node which will be used to collection
personal information and specifics information to attack on other nodes.
Repudiation attack
Transport layer and network layer security is not enough to prevent the attacker to attack on
the nodes in network. Repudiation is the attack which is by passed by a attacker from
transport and network layer. Repudiation attacks refer as denial of participation in the
Active attack
In active attack the packet transmitted over the wireless radio frequency could be modified or
corrupt during the data exchanged among network nodes from intercepting of malicious node
to trigger network. A malicious node can modify the packet by setting up false information
into packet header, as result routing events puzzled and degrades the network performance,
Active attacks can be classified in two categories internal attack and external attack
Internal attack
Internal attack are took place inside the network, selfish nodes misbehave against the network
accordance to be faithful to network; the purpose of selfish node is to save the battery life or
its own purpose and not forwarding packet to other nodes. These attacks on network are hard
to detect compare of external attacks as attacker is inside of the network and damage the
resource of network by not cooperation.
External attack
These attacks are take place from outside the network from those node that do not are part of
the legitimate network. To prevent these attacks as a caution to use an encryption technique
mechanism and using firewall to block that access of unauthorised node from network
resources.
Passive attack
The function of the passive attack is to listening the radio frequency channel and get as much
as information on the network traffic before launch any attack whist the passive attacks are
launched to steal the important information regarding to target network such as
eavesdropping and traffic analysis. These attacks are also harder to detect.
In this attack the malicious node gather the requirement information on which routing
protocol network is running this can be accomplish by using eavesdropping to hear the raw
packet transmission. Once the required information is gather malicious node create changes
in the routing table of the target network and start broadcasting it. Due to the nature of the
MANET they are mobile nodes new path are discovered and break frequently. Malicious
nodes take the advantage of this phenomenon and participate in packet forwarding process
and launched the message modification attack. [25]
This attack is also known as Tunnel attack, the attacker take control of the transmission
between the source and destination by intercepting them. The intension of attack is to either
to change sent messages or gain the useful information on the intermediate nodes on network.
Fabrication attack is also called as tampering attack, in this attack malicious node do not
interrupting or modifying any routing table thus the attacker fabricate its own packets and
transmit it on the network to create a chaos to bring down the network. Fabrication attacks
can also be launched from the internal misbehaving nodes like route salvaging attacks.
This attack is launched by internal nodes such as misbehaving nodes the purpose of this
attack is misbehaving node salvage their own packets duplicate them and rebroadcast them
on the network with no error messages. This attack could be more dangerous for the network
if this attack is implementing with the collaboration of other misbehaving nodes. These
attacks not only consume unnecessary bandwidth but also drain off the resources of the other
intermediate and destination nodes.
The aim of this attack is to drain off limited resources in MANET nodes etc, energy power,
by keep sending the route request to the trigger nodes. Hence routing protocol, sleep
deprivation attack can be launched by flooding the unnecessary routing packets in order to
make the node unable to participate in the network and unreachable by other nodes on the
network.
In this attack a node can disclose the confidential information to malicious node, like location
or structure of the network topology which is useful for the malicious node to launch a attack
on a specific network in result malicious node gather all the information which it need and
which node is suitable to implement a attack.
Chapter NO.3
Authentication
Authentication is the mechanism that node use to validate the data when transmission is
taking place by authorized nodes, this process of communication is authentic. Without
authentication malicious nodes get access on the network and data can be modify without any
Confidentiality
Confidentiality purpose is to ensure the access to legitimate nodes on data, as confidentiality
could be compromised by other means through malicious nodes. MANET data that send to
other nodes have to be comprehensible to receiving node only, there is a probability that
message can be intercepted by intruder node. In mobile ad hoc network confidentiality is vital
part for securing the transmission on wireless radio as sensitive of data. As an example the
transmitted messages send on mobile ad hoc network can be caught by adversary appearing
as authenticated mobile node by using a spoofing attack, as result this vulnerable activity
malicious node get access to that data. To avoid this problem is used a technique called data
encryption known as cryptography.
Integrity
Integrity ensures the process of changing or to interception of modifying the information by
authorized nodes in MANET other task of integrity is to make sure the message transmitted
on the wireless medium never corrupted, a massage can be corrupted by malicious nodes. By
doing this kind of attacks the adversary may change or duplicate the data packet information
message or could redirect the network traffic to other routes or to a different destination node.
Availability
Availability proceeds the survivability and functioning of network to provide guaranteed
services at all the times despite malicious or misbehaviour nodes on the network. If a
malicious node or denial-of-service (DoS) attacks launch against the network, where DoS
attack can be launched at any layer of OSI model on MANET. A malicious node use jammer
to obstruct the transmission on physical layer, or data link layer to disable the back off
mechanism or on network layer to halt routing by disturbing route discovery process.
Additionally, malicious node brings down network resources. Therefore to combat these
challenges key management is fundamental for implementation of any security framework.
Non-Repudiation
Non repudiation ensures the process of sending information among nodes on wireless
medium by sending nodes and receiving nodes. The nodes does not deny of information that
be transmitted or received by using a special mechanism called digital signature know as
cryptography which functions unique identifiers for each other. [19]
CHAPTER NO.4
IMPLEMENTATION
1). Specification
2). Data collection and simulation
3). Analysis
Re-Specification
The phases are accepted to execute in sequence path and form and simulation cycle.
There are many different kind of jammer which can be use against the target network; most
commonly are Constant Jammer, Deceptive Jammer and Random Jammer and Reactive
Jammer. Scenario 1, 2, and 3 focus on intelligent pulse jammer attack, the reason to call
jammer a intelligent is because it’s pulse off time and pulse on time are the main parameter
which act on jammer to behave on and off at certain time as define to generate the
transmission. Additionally the jammer node transmit power is set lower than the normal
nodes on the network, is to prove that jammer with low transmit power can create a great
impact by reducing the throughput of the target network and calling our pulse jammer as
intelligent pulse jammer.
For each single scenario first normal network traffic is generated and later by introducing
three misbehavior nodes on each single scenario and comparing the results.
4.16 Scenario 1
Performance of Optimized Link State Routing (OLSR) protocol under Intelligent Pulse
Jammer attack
First, we implemented Optimized link State protocol on 29 MANET nodes all node are
configure default OLSR setting of Ad-Hoc routing parameters in OPNET Modeler. The area
4.17 Scenario 2
Performance of Geographical Routing Protocol (GRP) under Intelligent Pulse Jammer
attack
In this scenario, first we implemented the Geographical Routing Protocol on MANET nodes
with the default GRP setting in OPNET Modeler. The area of GRP is set as 800x800 so
nodes can freely move in random directions. Application configuration, Profile configuration
and mobility configuration are defined. The results are noted under the GRP routing protocol
with normal traffic. Later we implemented intelligent pulse jammer attack under GRP routing
protocol and named the scenario as GRP_JAMMER, the results are compared in term of
throughput, delay, traffic sent, traffic received, packet dropped and error messages.
4.18 Scenario 3
Performance of Ad-Hoc On-Demand Routing (AODV) under Intelligent Pulse Jammer
attack
In third scenario we use the Ad- hoc (AODV) routing protocol on 29 MANET nodes with the
area 800x800. Application configuration, profile configuration and mobility are defined as in
scenario 1 and 2. Once the normal traffic result are collected we duplicated the AODV
scenario and name is AODV_JAMMER by introducing two pulse jammer nodes under
AODV nodes. And compare the capture result against the throughput, delay, packet dropped
and error messages.
In this scenario we have implemented misbehavior node attack on Optimized Link State
Routing protocol. Before implementation attack we define a network with random mobility
so MANET node can move around in the area of 800x800. Misbehavior node attack is
different compare to intelligent jammer attack. Misbehavior node act maliciously act to drop
packets and stop forwarding packet to other nodes and consume bandwidth. To generate the
traffic on the network we define the application configuration which contain data the
application used in the network, in profile configuration different application are associated
to generate the traffic. The application used in Misbehavior node are FTP (Medium Load),
EMAIL (Medium Load) and Database (Low Load). In our misbehaviour node we only
change the packet size of the node. Our model act genuinely because we haven’t change any
power transmitter value, same RTS value be use as for normal MANET node used. Apart
from packet size nothing else is modified in misbehavior node.
We run a normal network with 29 MANET nodes using default setting of OLSR routing
protocol within area of 800x800. Same application configuration, profile and mobility are
used as mention above. All the result of normal network has noted. A new scenario is created
with the name of OLSR_MISBEHAVIOU, here we placed three misbehavior nodes at
different position so when the traffic is generated among other nodes misbehavior node start
dropping and stop forwarding packet to other nodes. All results are capture and compare
against the normal network in terms of throughput, delay, packet delivery ratio and network
load.
4.20 Scenario 5
Performance of Geographical Routing Protocol (GRP) under Misbehaviour attack
The last scenario focuses on the performance of Ad Hoc On Demand Routing (AODV) under
three misbehaviour nodes. The MANET nodes are configured to use default AODV routing
protocol in OPNET. Application, profile and mobility defined as mention earlier scenarios.
Normal traffic result capture once simulated new duplicate scenario is created with a name
AODV_MISBEHAVIOUR where we introduce three misbehavior nodes and once collected
their result we compare result against the normal network.
Delay
The packet end to end delay is the average time of the packet passing through inside
the network. It includes all over the delay of network like transmission time delay
which occurs due to routing broadcasting, buffer queues. It also includes the time
from generating packet from sender to destination and express in seconds.
Throughput
The ratio of the total data reaches the receiver from the sender. The time it consume
by the receiver to receive the last packet is called throughput [33]. Mathematically
throughput can be characterized as in equation [34].
Network load
Network load is the total packet sent and received across the whole network at a
particular time.
Packet dropped shows how many packets successfully sent and received across the
whole network. It also explains the number of packet dropped during the
transmission due to interference from other devices.
Conclusion
This chapter describes the model of the network we implemented to focus for our
results, we explain in well detail the parameters chosen for application configuration,
profile configuration, mobility, and we also explain the model value settings of
MANET nodes, intelligent pulse jammer and the modification of misbehaving nodes
5.2 SCENARIO 1
Comparison of Optimized Link State Routing (OLSR) protocol under Intelligent Pulse
Jammer attack
To view the simulation results and to compare them we have run the model network
simulation, a model network simulation is explained in chapter no 4. The scenario is run three
times to make sure the result are accurate and compared with several metric parameters. The
results of the simulation are noted and are as follows:
Fig 5.1 Normal traffic without any attack and Fig 5.2 traffic under jammer attack
Fig 5.3 Normal OLSR routing protocol Fig 5.4 OLSR routing under intelligent pulse
Jammer
Evaluation
5.2.1 Throughput
Figure 5.4 Intelligent pulse jammer attack on OLSR shows a significant result. The pulse
jammers reduce the throughput of the entire network by generation raw packet (noise) in the
wireless medium. The simulation started time on both scenarios normal traffic of OLSR and
OLSR with jammer attack is 5.0 second and up till 300 seconds. The overall throughput of
normal network is 1,400,000 bit/sec (1.4 Megabits) however compare with intelligent pulse
jammer attack the overall throughput on entire network is reduce to 1,200,000 bit/sec (1.2
Megabits). Therefore we can conclude the jammer attack use the wireless medium and
decrease the network traffic throughput.
Figure 5.6
Figure 5.7
5.3 Scenario 2
Comparison of Geographical Routing Protocol (GRP) under Intelligent Pulse Jammer
attack
the next Figure 5.11 and 5.12 show the performance GRP routing protocol without and with
intelligent pulse jammer attack.
Evaluation
5.3.1 Throughput
To evaluate the result of GRP routing protocol under intellignet pulse jammer attack are
compare to the GRP normal network and GRP Jammer network in Figure 5.13. we analyse
the throughput of the entire network with and without intellignet pulse jammer. The graph
show that with jammer attack GRP routing protocol had a severe effect on network
throughput. The normal network throughput recorded as 35,500,000 bits/sec duration of 300
seconds, where the start time to generate traffic set as 5.0 seconds. On the other hand the
GRP with jammer attack showed a throughput of 1,000,000 bits/sec which is two times less
than the original recorded on GRP with normal network scenario. If we convert the bits/sec
rate in to megabits we get better view to understand the network performance with and
without jammer nodes on the network. without jammer the total throuput is 3.5 megabit per
second and with two pulse jammer nodes the total throuput is 1 megabit per second.
Figure 5.14
Figure 5.15
5.4 Scenario 3
Comparison of AODV under Intelligent Pulse Jammer Attack
The result of AODV under Pulse jammer attack had been taken, implementation had defined
in chapter no 4. Simulations are run at number of time to make sure the results are accurate.
Figure 5.17 AODV normal traffic responses Figure 5.18 AODV under Pulse Jammer traffic
Evaluation
5.4.1 Throughput
The normal network throughput is compared with intelligent pulse jammer attack in Figure
5.20. As we notice the difference of attack with pulse jammer lead network to congestion and
decrease the network performance. Network reaches at lowest throughput decrease at
beginning of the simulation when jammer start generated the noise; the total network
throughput is 5000,000 bit/sec (5.5 megabits) whereas by implementing jammer nodes the
throughput on the network is decrease. We can say the usage of channel lead to congestion
and network performance is decrease
Figure 5.20
5.4.3 Delay
The Figure 5.22 shows the delay between normal network and with jammer nodes. A gradual
decrease on y-axis is clearly seen. By observation the pulse jammer attack the delay starting
at co-ordinates of the beginning of the simulation and last it till at end. Most probably the
reason of that is jammer start sending packets on the wireless frequency on it start time and it
get increased due to noise in the network which prevent the MANET node to continue the
transmission on the network.
Figure 5.23
Figure 5.24
5.5 Scenario 4
Comparison of Optimized Link State Routing (OLSR) protocol under Misbehavior
nodes
After implementing intelligent pulse jammer attack, scenario 4 focus on the result of the
misbehavior nodes, the implementing and the parameter setting has already defined in earlier
chapter 4. We have run the misbehavior nodes simulation network with number of time to
make it show the results are accurate meanwhile compare those results with the normal
network to analyse and understand the impact misbehavior nodes made on network.
In this scenario, we compare the Optimized link state routing protocol under misbehavior
nodes, the simulation run time is set as 300 seconds, and the fallowing graphs will give
details of the results and evaluation between the normal network traffic response and
misbehavior traffic response.
Figure 5.27 & 5.28 With Misbehavior nodes traffic response in network.
Evaluation
5.5.1 Throughput
The Figure 5.29 shows the entire throughput of the network with misbehavior nodes and
without misbehavior nodes in the network. Throughput progressively increased to 1,5,10,313
bit/sec with in a set time of 300 seconds. On the other hand nodes on the misbehavior
performance reduce the throughput of the entire network and keep at constant rate of
Figure 5.29
5.5.2 Delay
The delay in Figure 5.30 show the normal traffic delay and misbehavior traffic delay. By
observing the graph the network misbehavior delay started at almost the same time as with
normal traffic however the delay occurred at co-ordinates 12 x-axis where it can be examine
clearly. Whereas the normal network delay at 12 x-axis and further got to at y-axis 22. On the
other hand the misbehavior nodes y-axis ends at 25 y-axis. From here to till end of the
simulation run time the delay is getting increased. The delay has increased systematically to
higher level by introduction of misbehavior nodes on the network. The reason for this
situation is as all nodes using the same routing protocol but due to different characteristics of
misbehavior nodes act as maliciously therefore some intermediates nodes in the network
follows the selected nodes to forwarding of packets.
The traffic sent on normal network is noted as 2,000,000 bits/sec where as the network with
misbehavior nodes are 1,827,631. We can conclude that the traffic sent to network is
decreased by introducing the misbehavior nodes. As misbehavior nodes does not participate
to perform it basic task for the fulfilment of the requirement of network in good means. These
activities lead network to congestion and decrease it performance.
5.6 Scenario 5
Comparison of Geographical Routing Protocol (GRP) under Misbehavior nodes
Figure 5.33 Normal traffic response Figure 5.34 Misbehavior Nodes traffic response
Evaluation
5.6.1 Throughput
To determine the network performance we first look at the throughput of the whole network
with comparison of misbehavior nodes as shown in Figure 5.37. The run time of the
simulation is set as 300 seconds. The normal network throughput is noted as 3,500,000
bits/sec at constant rate on x-axis. Introducing the misbehavior nodes affectively reduce the
throughput of the network performance at constant rate of 1,500,000 bit/sec. This showed a
poor performance of network traffic. The three misbehavior nodes had decreased the
throughput of the whole network by not forwarding packets to other nodes and keep dropping
the packet randomly. This concludes the performance of misbehavior nodes have poor affect
on the network traffic. It also concludes the reliability of the node is essential in terms of
security.
5.6.2 Delay
The delay parameters show the misbehavior nodes activities on the whole network in Figure
5.38. The delay has increased compared with normal network traffic. The reason of increase
delay is misbehavior nodes does not cooperate with other nodes on the network. Misbehavior
nodes only forward packet when they want too. Compare to normal network traffic a constant
rate is noted on x-axis throughout the simulation time. However the misbehavior nodes delay
is notice up and down due to the malicious activity on the network. It also show the packet
delay time is increased to reach the packet at destination node.
Figure 5.38
Figure 5.39
Figure 5.40 Normal MANET Traffic sent/received Figure 5.41 MANET Traffic sent/received
under Misbehavior nodes
5.7 Scenario 6
Comparison of Ad-Hoc On-Demand Routing (AODV) under Misbehavior nodes
Scenario 6 is design to examine the on AODV routing protocol under misbehavior nodes.
The simulation run time is set as 300 seconds all results of the simulation are captured and
are as fallow.
Figure 5.44 AODV normal traffic Figure 5.45 AODV Misbehavior Nodes traffic
Evaluation
5.7.1 Throughput
The throughput of the whole network with normal nodes and with misbehavior nodes is
simulated and results are captured in Figure 5.46. The result shows significant changes on
throughput of the network with misbehavior nodes. By examine the result we observe the
misbehavior nodes throughput started at the same time, when normal network nodes start.
Figure 5.46
Figure 5.48 AODV traffic sent with and without Misbehavior nodes Figure 5.49 AODV
traffic received with and without Misbehavior nodes.
5.8 Analysis
The simulation results present the performance of OLSR routing protocol under intelligent
pulse jammer attack. The comparison results taken in terms of throughput, packet delivery
ratio, network load, and delay are measured under intelligent pulse jammer attack, As the
pulse jammer attack model is already explained in chapter No 4. The capture results are
compared with OLSR routing protocol under jammer attack. The throughput of the whole
normal network with OLSR routing protocol is noted as 1,400,000 bits/sec (1.4 Megabits),
the reason of that low throughput is because of the heavy applications are used on the each
single MANET nodes i.e., FTP use TCP protocol, EMAIL use TCP protocol where as TCP
uses three way handshake which consume a lot of network bandwidth. The comparison
against the intelligent pulse jammer the throughput of the entire network with under pulse
jammer attack is recorded as 1,220,000 bits/sec (1.22 Megabits). The packet delivery ratio of
MANET traffic sent with normal network and with pulse jammer network is recorded as
1,891,000 bits/sec (1.8 Megabits) duration of 300 seconds. Meanwhile the normal MANET
traffic receiving rate is 600,000 bits/sec (600 kilobytes) where as with intelligent pulse
jammer introduction the MANET traffic received rate is 450,000 bits/sec (56.25 kilobytes).
The network load for OLSR network is 1,400,000 (1.4 Megabits) and with pulse jammer
Simulation results for GRP protocol was examine under intelligent pulse jammer attack. The
results were compared in terms of security considerations as explained earlier. The whole
throughput of GRP nodes on normal network is capture as 3,400,000 bits/sec (3.4 Megabits),
network load of the GRP nodes is 3,500,000 bits/sec (3.5 Megabits), with the implementation
of intelligent pulse jammer attack the throughput and the network load with attack reduce to
1,000,000 bits/sec (1.0 Megabits), 1,000,000 (1.0 Megabits). We found the delay has
increased when jammer generate raw packet on the wireless radio frequency, the GRP routing
traffic sent is reduce due to jammer attack as every node in network maintain the routing
table at certain interval of time. GRP packet delivery ratio decreased of packet when jammer
nodes vulnerable the network by its malicious activities.
Simulation results of AODV examine under intelligent pulse jammer attack. The results are
compared in term of normal traffic parameters and with pulse jammer traffic parameters,
throughput, network load, delay and packet delivery ratio is observed to analyse the results.
The throughput with normal nodes is recorded as 5,000,000 (5 Megabits), whereas by
introducing the intelligent pulse jammer nodes the throughput of entire network is recorded
as 4,500,000 (4.5 Megabits), The AODV routing protocol on MANET’s nodes showed the
decreased in delay, packet delivery ratio of received traffic under pulse jammer attack is
decreased and for the sent traffic is almost equal to normal traffic of nodes when pulse
jammer is implemented, the reason behind this could be the jammer is sending/generating
packet of the wireless medium at same time compare with the normal network with AODV
routing table etc, route discovery, route request etc. Hence jammer and routing table working
at same time of interval. However the packet lost is compared lower in AODV under pulse
jammer attack compare to other routing protocol.
Simulation results examined for the performance of OLSR routing protocol under
misbehavior nodes. The result showed large number of packets dropping placed from
misbehavior nodes. The process of OLSR forwarding packet MPR lower than normal
network as nodes with misbehavior capabilities does not cooperate on the network nodes. The
throughput of OLSR under misbehavior node is 1,400,000 bits/sec (1.4 Megabits) where as
Simulation results for GRP under misbehavior nodes are examined. The throughput of the
whole network under misbehavior nodes is 1,314,594 bits/sec (1.31 Megabits) where the
original throughput of entire network is 3,400,000 bits/sec (3.4 Megabits) as it can observe
the throughput of the network under misbehavior node has decreased dynamically and only
1.31 Megabits is available to whole network. The network load of the network under
misbehavior node 1,400,000 bits/sec (1.4 Megabits) compare to normal network load
3,500,000 bits/sec (3.5 Megabits) is recorded, delay has increased during the misbehavior
nodes as malicious node dropping the packet before forwarding it to other nodes on the
network therefore any packet on network reach to its destination is dropped or reached late.
The packet delivery ratio is compared against the normal network with misbehavior nodes,
the normal MANET traffic received 1,600,000 bits/sec (1.6 Megabits), whereas with
misbehavior nodes (600 Kilobits), the MANET traffic sent with normal nodes is 1,450
bits/sec (1.45 Kilobits), compare to misbehavior node is 900 bits/sec (0.9 Kilobits). In GRP
routing the total number of backtracks are higher with malicious nodes compare with normal
nodes on the network. The GRP routing protocol is badly affected when malicious nodes
does not pass the routing route to other node to network to find the route.
The result of AODV routing protocol under misbehavior nodes examined, the packet delivery
ratio of traffic sent is recorded as 15,000,000 bits/sec later introducing the misbehaivor nodes
the MANET traffic sent is decreased to 13,686,074 bits/sec. looking at the traffic received of
normal node 2,800,000 bits/sec with misbehavior nodes decrease to 2,400,000 bits/sec.
Similarly, the throughput of the network is decreased under misbehavior nodes, so network
load as well.
GRP Routing Protocol Comparison with Pulse Jammer and Misbehavior nodes Attack
AODV Routing Protocol Comparison with Pulse Jammer and Misbehavior nodes
Attack
CHAPTER NO.6
6.1 Conclusion
In this thesis the simulation study of our work consist of three routing protocol OLSR,
AODV and GRP set up over MANET using medium FTP, medium E-Mail and low Database
traffic analyzing their actions with respect to performance parameters, throughput, network
Normal traffic is compared with different routing protocols, with pulse jammer attack and
misbehavior nodes in terms of performance i.e. throughput, packet delivery ratio, delay,
retransmission attempts. We showed several security breaches under pulse jammer attack and
misbehavior nodes attack models using OPNET.
Misbehavior nodes model attack showed the network affecting in several different security
aspects, it not only degrading the performance of the entire network but also reflect the
security measures like availability, authentication, confidentiality, integrity and non-
repudiation. Intelligent pulse jammer model showed the network degrading performance by
generating noise on the radio frequency hence the jammer highlighted the security aspect and
damaging the throughput and made more complicated for nodes to communicate on wireless
radio frequency. Several parameters affected in term of security under jammer attack.
6.2 Findings
From this study we can conclude the protocols we chosen to implement on our network, is no
single one having overall better performance under malicious activities i.e. Pulse Jammer
attack and Misbehavior nodes. One Ad Hoc protocol may be better in term of routing whilst
others may be better in term of throughput, packet delivery ratio, and delay.
In our study we analysed Intelligent Pulse Jammer attack and Misbehavior nodes attack with
six different scenario along with performance metrics. We analysed the vulnerability of
OLSR, GRP and AODV. Factor considered the performance of the routing protocols under
Jammer and misbehavior attacks, OLSR has the worst performance compared with other two
routing protocols AODV and GRP, in terms of throughput, network load and delay.
One can almost be certain that AODV routing protocol performed better opposite to OLSR
and GRP, its throughput, network load and delay is much better than the other routing
protocols. AODV performed well under jammer attack and under misbehavior nodes attack.
Based on the research we carry out and analysis of the simulation results in OPNET Modeler
14.5, we describe the conclusion that OLSR and GRP is more vulnerable under pulse jammer
attack and under misbehavior nodes attack.
2. Imrich Chlamtac, Marco Conti, Jennifer J. N. Liu, 2003. Mobile ad hoc networking:
imperatives and challenges.
http://www.scribd.com/doc/19471793/MobileAdHocNetworkingImperativesandChall
enges [Accessed Feb – April 2010]
4. Ashikur Rahman, Pawel Gburzynski, 2006. Hidden Problems with the Hidden Node
Problem. http://citeseerx.ist.psu.edu/viewdoc/download?
doi=10.1.1.61.365&rep=rep1&type=pdf. [Accessed Feb – April 2010]
5. Yihong Zhou, Dapeng Wu, Scott M. Nettles, 2004. Analyzing and Preventing MAC-
Layer Denial of Service Attacks for Stock 802.11 Systems.
http://www.arias.ece.vt.edu/publications/conferences/UKC06.pdf [Accessed Feb –
April 2010]
7. Hasnaa Moustafa and Houda Labiod, 2005. Source Routing-based Multicast Protocol
for Mobile Ad hoc Networks.
8. H. Yang, H. Luo, F. Ye, S. Lu, and L. Zhang, 2004. Security in Mobile Ad hoc
Networks: Challenges and Solutions, IEEE wireless Communication, Vol.11, Issue 1,
pp. 38-47.
http://netlab18.cis.nctu.edu.tw/html/AdHoc_Network/slides/Chapter3-1-Security
%20in%20Mobile%20Ad%20Hoc%20Networks.pdf [Accessed Feb – April 2010]
10. Patroklos G. Argyroudis and Donal O Mahohy, 2005. Secure Routing For Mobile Ad
Hoc Networks, 2005. http://citeseerx.ist.psu.edu/viewdoc/download?
doi=10.1.1.81.4598&rep=rep1&type=pdf [Accessed Feb – April 2010]
11. Dagmara Spiewak, Thomas Engel, and Volker Fusenig, 2007. Unmasking Threats in
Mobile Wireless Ad-Hoc Network Settings.
http://wiki.uni.lu/secan-lab/docs/Spiewak2007a.pdf [Accessed Feb – April 2010]
12. Houda Labiod, Mohamad Badra, 2007. New technologies, mobility and security,
springer.
13. Marianne Azer, Sherif El- Kassas, Magdy El-Soudani, 2009. A Full Image of the
wormhole attaks, towards Introducing Complex Wormhole Attacks in wireless ad hoc
networks.
14. Rashid Hafeez Khokhar, Md Asri Ngadi and Satria Mandala, 2008. A Review of
Current Routing Attacks in Mobile Ad Hoc networks.
http://eprints.utm.my/8213/1/NgadiMA2008_AReviewCurrentRoutingAttacksInMobi
leAd-hocNetworks.pdf [Accessed Feb – April 2010]
16. N. Shanthi, Dr. Lganesan and Dr. K. Ramar, 2010. Study of Different attack on
multicast mobile ad hoc network.
17. Erdal Cayirci, Chunming Rong, page 116, 2009. Book Security in wireless Ad Hoc
and Sensor Network, John Wiley & Sons Ltd.
19. C. Siva Ram Murthy and B. S. Manoj, 2004. Ad Hoc Wireless Network,
Architectures and Protocols, , chapter 9, page no 476.
20. Helena Szczerbicka, Kishor S. Trivedi and Pawan K. Choudhary, 2003. Discrete
Event Simulation with Application to Computer Communication Systems
Performances.
21. Jerry Banks, John S. Carson II, Barry L. Nelson, David M. Nicol, 2010. Discrete-
Event System Simulation, Fifth Edition, Chapter No 1, page no 16. Pearson.
22. Ricardo F. Garzia, Mario R. Garzia, 1990. Network Modeling, Simulation, and
Analysis, Chapter 1, page no 9, Dekker.
23. Luc Hogie, Pascal Bouvry, Frederic Guinand, 2006. An Overview of MANETs
Simulation, 2006. http://citeseerx.ist.psu.edu/viewdoc/download?
doi=10.1.1.106.3553&rep=rep1&type=pdf [Accessed Feb – April 2010]
24. Gunnar Ronneberg and Olav Lysne, 2008. An OPNET-based Simulation Model of
SCI- nodes, University of Oslo. http://citeseerx.ist.psu.edu/viewdoc/download?
doi=10.1.1.16.777&rep=rep1&type=pdf [Accessed Feb – April 2010]
25. S.A. Razak, S. M. Furnell, P. J. Brooke, 2003. Attacks against Mobile Ad Hoc
Networks Routing Protocols, university of Plymouth.
https://www.scm.tees.ac.uk/p.j.brooke/b/Razak+04a.pdf [Accessed Feb – April 2010]
26. Ola Mohamad, Rosilah Hassan, Ahmed Patel, Rozilawati Razali, 2010. A Review of
Security Parameters in Mobile Ad-Hoc Networks.
http://www.ftsm.ukm.my/rosilah/files/OLA_ICICS.pdf [Accessed Feb – April 2010]
27. The Network Simulator –NS2, discrete event simulator targeted at networking.
Internet : http://www.isi.edu/nsnam/ns/ns-build.html
29. GloMoSim discrete simulation environment for wireless and wired network systems,
Internet http://pcl.cs.ucla.edu/projects/glomosim/
32. Mishra Amitabh, Nadkarni Ketan M., and Ilyas Mohammad, 2003.“Chapter 30:
Security in wireless ad-hoc networks, the handbook of Ad hoc wireless network”. ,
CRC PRESS Publisher.
33. Uyen Trang Nguyen and Xing Xiong, “Rate adaptive Multicast in Mobile Ad hoc
Networks”, IEEE International Conference on Ad hoc and Mobile Computing,
Networking and Communications, WiMob, Montreal, Canada, 2005
34. Sajjad Ali & Asad Ali, Performance Analysis of AODV, DSR and OLSR in MANET,
Department of Electrical Engineering with emphasis on Telecommunication Blekinge
Institute of Technology, Sweden 2009.
http://www.bth.se/fou/cuppsats.nsf/all/252aefb4936b9db3c12576b20053b8a5/$file/Pe
rformance%20Analysis%20of%20AODV,%20DSR%20and%20OLSR%20in
%20MANET.pdf [Accessed July – August 2010]