OPNET - MODELER - MANET Attacks Thesis

Mobile Ad hoc Network Security Issues
By
Sheraz Salim
Student ID 20388626
Presented to Faculty of
School of Computing, Engineering and Physical Sciences
University of Central Lancashire
In Partial Fulfilment
Of the Requirements
For MSc Computer Networking
Name: Sheraz Salim Master Project CO4804

Page
1
Acknowledgement
I always thank to ALL-MIGHTY ALLAH, who gave me power and courage to

complete this project. I would like to thank Zaki-El-Haroun for his supervision during
this project and Helen Campbell for supporting and gaudiness during this tough time.
I also have good regards for the facility of school of Computing Engineering and
Physical Science, University of Central Lancashire including Chris, who always
support us for the simulation software problems. And also thanks to OPNET
technologies software. I would also like to express my sincere thank to my friends
who support me all this time during thesis first and foremost, Noman Qazi and Hamid
Khan.
Finally, I would like to dedicate this thesis to my parents, brother and sister. Without
their support it wasn’t possible to complete this project.

Page
2
Abstract
Wireless network are getting common around over living atmosphere and user are enjoying
the wireless connectivity irrespective of their geographic position. Mobile ad hoc network
also know as MANET is a fast growing technology which give connectivity where existing
technologies communication failed due to catastrophic failure. MANET technology received
a huge attention from the researchers to make them better, reliable and valuable in
communication environment, MANET nodes are highly self organized with a collection of
few mobile node they formed a temporary network. All these fantasizing features, and
marvellous connectivity with other mobile node are making a enormous network, despite
when it come to security it pose a large number of threats to the network. In order to provide
secure transmission, researcher proposed many security measures within the network i.e.
secure routing protocol and cryptography.
The scope of this project is to study the effects of Pulse Jammer attack and Misbehavior
nodes using Proactive routing protocol i.e. Optimized Link State Routing Protocol (OLSR),
Reactive routing protocol Ad Hoc On Demand Distance Vector (AODV) and Geographical
Routing Protocol (GRP). The impact of attack on MANET performance is evaluated finding
out which protocol is more vulnerable to these attacks. The measurements were taken in light
of throughput, network load, delay and packet delivery ratio. The simulation work is done in
Optimized Network Engineering Tool (OPNET).

Page
3
Table of Contents
Table of Contents...................................................................................4
CHAPTER NO 1.......................................................................................7
Mobile Ad hoc Wireless Network............................................................7
Introduction...........................................................................................7
Aim of thesis........................................................................................10
1.3 Project Structure........................................................................10
CHAPTER NO 2.....................................................................................10
2.1 Physical Layer Attacks...................................................................10
Jammer Attack.....................................................................................11
Interference Problem...........................................................................12
Eavesdropping Attack..........................................................................12
2.2 Data Link Layer Attacks.................................................................12
IEEE 802.11 attack..............................................................................13
Virtual Jamming attack 802.11............................................................13
2.2.3 Traffic Monitoring and Analysis Attack.......................................14
Single adversary attack (SAA).............................................................14
Colluding adversaries attack (CAA).....................................................14
2.3 Network Layer Attack....................................................................15
2.3.1 Routing Protocol.........................................................................15
Proactive (Table Driven Routing Protocols).........................................16
Reactive (On- Demand Routing Protocols) .........................................16
Other Routing Protocol........................................................................17
Comparison of Proactive, Reactive and Hybrid Routing Protocol in
MANET 17
Attack on Network Layer.....................................................................18
Routing attacks....................................................................................19
Routing table overflow attack..............................................................19
Routing table poisoning attack............................................................19
Route cache poisoning attack.............................................................19
Packet forwarding attacks or Advance attacks....................................20
Black hole attack.................................................................................20
Wormhole Attack.................................................................................20
Jellyfish attack.....................................................................................23
Gray holes attacks...............................................................................23

Page
4
Byzantine attack..................................................................................24
Packet Replication...............................................................................24
Rushing attack.....................................................................................24
2.4 Transport layer Attack...................................................................24
Replaying acknowledgement...............................................................24
SYN flooding attack.............................................................................25
2.4.3 Session hijacking........................................................................25
2.5 Application layer Attacks...............................................................25
2.5.1 Application layer attacks MANET................................................26
Malicious attack ..................................................................................26
Repudiation attack..............................................................................26
2.6 Cross layer security Attack............................................................27
Passive attack......................................................................................27
Chapter NO.3.......................................................................................29
3.1 MANET Security Services...............................................................29
Authentication.....................................................................................29
Confidentiality.....................................................................................30
Integrity 30
Availability...........................................................................................30
Non-Repudiation..................................................................................30
CHAPTER NO.4.....................................................................................31
IMPLEMENTATION................................................................................31
4.1 Discrete Event Simulator (DES).....................................................31
4.2 Continuous simulation...................................................................31
4.3 Test bed Labs................................................................................31
4.5 Simulation tool...............................................................................32
4.6 The Architecture of OPNET............................................................32
4.7 Intelligent Pulse Jammer Attack Model..........................................33
4.8 Misbehavior Node Attack Model....................................................33
4.9 MANET Network Model..................................................................34
4.10 Application Configuration Setting................................................34
4.11 Profile Configuration Setting........................................................35
4.12 Mobility Configuration Setting.....................................................36
4.13 Node Model Traffic Packet setting...............................................36

Page
5
4.14 Creating Intelligent Pulse Jammer Node Model...........................38
4.15 Creating Misbehavior Node Model...............................................39
4.16 Scenario 1....................................................................................39
4.17 Scenario 2....................................................................................40
4.18 Scenario 3....................................................................................40
4.19 Scenario 4....................................................................................41
4.20 Scenario 5....................................................................................41
4.21 Scenario 6....................................................................................42
4.22 Performance Metric and Analysis................................................42
CHAPTER NO.5.....................................................................................44
5.1 RESULT AND ANALYSIS..................................................................44
5.2 SCENARIO 1...................................................................................44
5.2.1 Throughput.................................................................................45
5.2.2 Network Load.............................................................................46
5.2.3 Delay..........................................................................................47
5.2.4 Packet Dropped..........................................................................47
5.2.5 OLSR routing Hello packet..........................................................48
5.3 Scenario 2......................................................................................49
5.3.1 Throughput.................................................................................50
5.3.2 Network Load.............................................................................51
5.3.3 Delay .........................................................................................52
5.3.4 Packet Delivery Ratio.................................................................52
5.4 Scenario 3......................................................................................53
5.4.1 Throughput.................................................................................55
5.4.2 Network Load.............................................................................55
5.4.3 Delay..........................................................................................56
5.4.4 Retransmission Attempts...........................................................57
5.4.5 Route Discovery Time.................................................................57
5.5 Scenario 4......................................................................................58
5.5.1 Throughput.................................................................................59
5.5.2 Delay..........................................................................................60
5.5.3 Packet delivery ratio (PDR).........................................................61
5.5.4 Network Load.............................................................................62
5.6 Scenario 5......................................................................................63

Page
6
5.6.1 Throughput.................................................................................64
5.6.2 Delay..........................................................................................65
5.6.3 Network Load.............................................................................66
5.7 Scenario 6......................................................................................67
5.7.1 Throughput.................................................................................68
5.7.2 Network Load.............................................................................69
5.8 Analysis.........................................................................................71
CHAPTER NO.6.....................................................................................75
6.1 Conclusion.....................................................................................75
6.2 Findings.........................................................................................76
6.3 Future Work...................................................................................77
7. References.......................................................................................78
CHAPTER NO 1
Mobile Ad hoc Wireless Network
Introduction
The advent of wireless technology is one of the biggest breakthroughs of modern technology.
This technology enables the users to utilize the freedom of movement and the use of the
equipment while on the move. Initially the use of wireless technology was restricted for the
military purposes to provide cutting edge to the defence forces. However, during the 1980s

Page
7
there was an explosive growth of this technology. For general public the first interaction with
the wireless technology was the mobile phone. Initially the technology was expensive to use
and difficult to maintain. But with the rapid advancement in this field the technology became
affordable and with the implementation of fourth generation of wireless networks the entire
concept has changed. In recent year Mobile Ad hoc Network (MANET) seek much attention
from industry and academic researchers from all around the globe. This technology has come
with its own flavour as they are easy to deploy in disaster areas and for emergency operations
due to its nature of design and operation, such as an environment where a collection of few
mobile nodes can form a temporary network without a need of any centralized networks, with
the collaboration of each other nodes they sent and forwarding packets to destination nodes.
Each node act host and router at the same time to forwards the packet. Mobile Ad hoc
Network do not rely on wired network routing protocols. Mobile Ad hoc Network uses Ad
hoc routing protocols, these protocols are entirely different than tradition wired network as
routing path breaks and connected due to self organized nodes to discover multi hop routes
through network to any other node. This functionality is also known as infrastructure less.
Wireless network provide connectivity between end nodes i.e. PDA, Notebooks, Mobile
phones etc, without the use of wires. The transmission occurs on electromagnetic waves,
know as radio waves. Wireless network can be combination of switches, routers and hosts
without any wired connected to each other, they must functional wirelessly. A router is
responsible for packet forwarding in the network and host are source or destination of the
data flow. Wireless network giving edge compare to traditional networks as there is no
physical cable required for data transfer. Wireless communication gives a freedom to host to
move freely in wireless communication zone network. To accompany this freedom wireless
communication relay on channel know as radio frequency RF, Wireless nodes are attached
with a centralized fixed network such as Access Point (AP). The Access Point (AP) acts as a
middle man between the wireless nodes, as wireless nodes are on the move from one place to
another AP keeps them connected to a wireless network. The existence of these networks is
not feasible as fixed network also know as infrastructure is limited support to the adaptability
of wireless network. Therefore this technology is not reliable where no fixed infrastructure is
present like rural areas.
In recent advancement technologies such as Bluetooth and IEEE 802.11 launched a paradigm
of wireless system called as Mobile Ad hoc Networks (MANET). The speciality of this
technology is that it could be managed even in lack of fixed infrastructure. This technology is
efficient, effective, quick, and easy to deploy. MANET consists of independent mobile nodes

Page
8
connected by wireless medium, each mobile node acts host and operates as an end system,
and also acts as router for all nodes in the network. MANET are heterogeneous as path
between each single pair may have multiple links, each mobile node is free to roam while
communicate with other nodes and self organize. This forms a relationship of different kind
of links to become a part of the same network [1]
Figure 1.1 Mobile Ad hoc Network.[32]
While Mobile Ad hoc network have many advantages over the traditional wired network, but
when it come to security it pose a immense set of threats. Firstly Mobile Ad hoc network face
the threat of secure communication in wireless medium. The MANET connectivity poses a
great threat to radio frequency in fallowing ways; [2]
 The wireless medium has no complete or no certainty visible limitations

outside of which stations are known to be incapable to obtain network frames.
 The wireless medium is defenceless from outside the channel signals.
 The wireless medium is considerably less undependable then wired media
 The phenomena of hidden terminal and exposed terminal may occur

consistency.
Secondly, nodes having no security on the network may face threats from active attack as
impersonation to passive attacks as eavesdropping which lead network to deceased and
degrade the performance and resources. Vulnerable malicious node attempts to intercept the

Page
9
radio wireless transmission and modify the packets without the knowledge of authorized
nodes. Likewise, various attacks Denial of Service could be launch easily to start sending
packets through vulnerable nodes which give false update information to disturbed and
poison the routing information in the network. As result the network is destroyed and the
motive of attack will be successful.
Aim of thesis
It is try to provide as much as information in regards of malicious node, the techniques,
methodology and tools which are assume as attacker approach to harm or hijack the network
resources in light of few attacks that are analysed on OPNET Modeler 14.5, We believe
implementing few number of attacks on MANET with having enough knowledge of the
attack as prospective of attacker thinking, can help to investigate the weakness of the network
and have better understanding to secure the network.
1.3 Project Structure

The project is divided in to seven chapters. Chapter 1 give brief description of MANET
technology and the problem statement in light of security issues. Chapter 2 presents the
theoretical concept of security vulnerabilities of each layer in MANET i.e. Physical layer,
Data link layer, Network layer, Transport layer, Application layer and cross layer security
attacks. Chapter 3 presents the MANET security service in terms of authentication,
confidentiality, integrity, availability and non-repudiation. Chapter 4 explains the simulation
tool OPNET Modeler 14.5 along with experimental design, implementation of the network
we created to analyse in terms of security; application configuration, profile configuration,
and mobility configuration are defined. Pulse jammer node model and Misbehavior nodes
model is created to implement them on network. Different routing protocols are carried out in
each scenario to generate the traffic. This chapter mainly focus on the simulation and nodes
settings. Chapter 5 is about the performance metrics throughput, delay, network load, packet
delivery ratio and retransmission attempts results have been discussed. Finally chapter 6
presents the conclusion, finding and future work.
CHAPTER NO 2
2.1 Physical Layer Attacks
Physical layer is the lowest layer of OSI reference model. This is commonly shortened as
“PHY”. The physical layer has a priority compare to other layer of OSI/ISO reference model

Page
10
as it is the only layer where data is physically moved across the network. The physical layer
function is encoding, signalling, data transmission, reception and physical network design.
On wireless networks it functions as radio transceiver, and packet transmission through
physical medium. The function of physical layer on wireless is to transmit the single in the
radio wireless waves to its destination or to finding path with collaboration of other nodes
which are present in the network. When physical layer receive the single it pass it to other
lower layer. Radio wireless signal in MANET are highly vulnerable on physical layer, as
wireless radio signals travel throughout the open air as having their limited frequency range.
Consequently radio wireless communication is easy to jam or intercept as its nature of using
open airwaves. Any malicious node can hear the wireless signal and disrupt the transmission
in the network.
As many attacks are executed and widely discussed in literature on wireless network, thus
physical layer is one of important layers of OSI reference model to secure in order to protect
the radio signal from many malicious attacks that can launch attack on this layer. Launching
attacks on physical layers are Jamming transmission, interference, eavesdropping is mostly
applied and in common practice on this layer. Attacker goal is to weak the strength of radio
signal but also jamming the transmission to bring the network resources down.
Jammer Attack
Jammer attack is commonly used to wipe out the transmission on the target wireless
networks. Jammer attack responsibility is to stop nodes from sending and receiving packets
on network. Jammer function on physical layer to generate the packet at a high constant rate
on wireless medium to keep the medium busy, consequently node on network can’t access
the wireless medium due to the noise jammer created in wireless medium. In this attack, the
malicious node hire a device called Jammer which is use to observing the wireless radio
frequency, until attacker match the frequency at receiving node receiving the signal from the
sender in the network. Attacker matches the frequency with the help of Jammer frequency
device of the targeted networks and transmits radio signals with generating a continuous high
radio frequency (RF) it is powerful signal that overwhelmed within the range of network
transmission. Subsequently messages are lost due to high noise in the spectrum. Jammer
attacks are considered as brutal force attack. Jammer attacks can be classified as constant
jammer, deceptive jammer and random jammer.

Page
11
Interference Problem
In wireless network interference has seen commonly, it occurs when set of nodes clash with
other devices which are using the same Radio Frequency (RF). Each MANET node station
use 802.11 network card to transmits packet in the network when no other node transmitting
the packets. If any other node happens to sending packet, other node will have to wait to get
the wireless medium free. Radio Frequency (RF) occupies the unwanted interference Radio
Frequency signals that interrupt the normal operations as 802.11 protocol defined by IEEE
get interfering Radio Frequency single of sufficient amplitude and frequency which can
appear as bogus 802.11 nodes transmitting a packet. This cause genuine 802.11 station to
wait for indefinite periods of time until interfering signal goes away. The sources of Radio
Frequency Interface which may cause the problem are 2.4 GHZ this could be any interference
single including microwaves, wireless phones, and Bluetooth devices etc.
Eavesdropping Attack
Eavesdropping attack is the process of gathering information by snooping on transmitted data
on legitimate network. Eavesdrop secretly overhear the transmission. However, the
information remains intact but privacy is compromised. This attack is much easier for
malicious node to carry on as evaluate to wired network. Eavesdropping attack in MANET
shared the wireless medium, as wireless medium make it more vulnerable for MANET
malicious nodes can intercept the shared wireless medium by using promiscuous mode which
allow a network device to intercept and read each network packet that arrives. The attacker
node intercepts the transmission as every MANET node is equipped with transceiver in range
of the communication which can be decode by means of malicious node to target the
authorized node on the network, malicious node can obtain the sensitive information etc,
modify the routing route or poison the routing table. This can seriously harm the network
resource and degrade the network performance. There are number of hardware tools that
allow promiscuous mode, such as Prisme2 network card with using eavesdropping and high
power antenna to intercepting wireless traffic.
2.2 Data Link Layer Attacks

Data link layer is second lowest layer of OSI reference model; it is commonly known as link
layer. It ensures the reliable communication link between neighbour nodes, data link layer
define the different network and protocol characteristics, i.e. logical link control (LLC),
Media Access Control (MAC), Data Framing, Addressing, and Error Detection and Handling.
In wireless networks MANET nodes provide multipoint peer-to-peer network architecture.

Page
12
Their connectively is maintain by one hop among to the entire network by using link layer
protocol and the network layer protocol extent the connectivity to other nodes in the network.
Malicious nodes can launch attack on link layer by distracting the collaboration of protocol of
this layer. [3]
IEEE 802.11 attack

The vulnerability on DoS attacks in link layer IEEE 802.11 has been investigated malicious
node has to keep the most of binary exponential back off scheme. In order to happen as
expected malicious node damage frame easily by putting few extra bits on the frame and
overlook the ongoing communication. The mechanism of this procedure is understood when
IEEE 802.11 node transmit the binary exponential each node wait for it term and get back-off
until the transmission is in progress. Malicious node keep the wireless medium busy and start
loaded frames transmitting which tend to capture the wireless channel by sending data non-
stop as result neighbours nodes back-off endlessly. Therefore other nodes find the wireless
medium busy and keep back-off so the performance of the network degrades this way.
Virtual Jamming attack 802.11

In virtual jamming attack malicious node sent RTS packets continuously on the transmission
with unlimited period of time. During this entire process malicious node effectively jam the
transmission with a large segment of transmission on the wireless channel with small
expenditure of power. This attack is much effective than physical layer jamming as this
attack consume less battery power compare to the other physical layer jamming attack. For
example node M is a malicious node and it starting sending a false RTS packet to node R
with a large frame. When nodes G and H receive packet on wireless channel they both
become blocked for a certain amount of time as apply for node M as figure show in 3.1. [4]
BUSYRTS BUSY

Page
13
BUSY BUSY
M
CTS
Figure 3.1 Virtual Jamming attack 802.11
2.2.3 Traffic Monitoring and Analysis Attack

These attacks are to identify the characteristics of communication on radio wireless
transmission which could lead it for future useful information for malicious attacker to launch
attack against the targeted network. This attack identify the communication nodes and their
physical location, information like the amount of data transmitted, number of nodes in the
network, channel frequency and spread spectrum etc. WLAN, cellular network and even
satellite network suffer from these vulnerabilities. These attacks are not considerable for
MANET but they are fall into other WLAN attacks
Single adversary attack (SAA)

In this attack malicious node intrude into an authorized target network and starting generating
IEEE 802.11 massive flow signals to authorized nodes on the target network, the goal of
malicious node is to drain the battery power of authorized nodes and to reduce the available
channel capacity of authorized nodes on network. This attack is known as single adversary
attack. [5].
Colluding adversaries attack (CAA)

In this attack two or more malicious nodes involve having understanding to contribute using
802.11 signal and start generating the signals to each other. Hence the channel get busy for

Page
14
other nodes therefore the targeted nodes in the network cannot communication to each other.
This attack is called colluding adversaries attack [5].
2.3 Network Layer Attack

Network layer is the third lowest layer of OSI reference model. The function of network layer
in OSI layer model is to provide the services for exchanging the individual piece of
data/information over the network between identified end devices. To achieve the integrity
four basic processes are involved in it. [6]
• Addressing
• Encapsulation
• Routing
• De-capsulation
The network layer in MANET uses ad hoc routing and does packet forwarding. In MANET
nodes act as host and router. Therefore router discovery and router maintains in the MANET
is effectively concern. Thus attacking on MANET routing protocol not only disrupt the
communication on the network even worst it paralyzed the whole communication all over the
network. Therefore, a security in network layer plays a vital role to ensure the secure data
communication in the network. To evaluate the security threats in network layers, threats in
network layer are classified as:
• Routing protocols
• Attacks on network layer.
2.3.1 Routing Protocol

Routing is process of moving packets from source network to a destination network in
internetworking devices. Routing protocols use a routing algorithm which is a mathematical
formula to forward the packet to its destination. The routing algorithm varies from one
routing algorithm to another etc OSPF, BGP. In wireless network two types of
communication paradigm exists, which use different routing algorithm due to the nature of it
use, infrastructure uses the traditional wired routing and in Mobile Ad hoc wireless network
nodes are connected by wireless link through physical layer and data link layer, thus the
network topology may keep changing randomly due to the movement of nodes. Routing
protocols that are used in traditional wired network finding a path to route the data flow, for
example packets from a source node to destination node, cannot be applied directly due to the
nature of Ad hoc wireless network, as frequent path breaks during ongoing sessions,

Page
15
disruption commonly occur during transmission/receiving. Situation like them are not reliable
links in traditional wired network where all node are fixed. Traditional wired network
protocol find path easily when path break. Convergence is slow in wired networks. Therefore,
routing protocols for ad hoc network must be able to perform effective and efficient mobility
as they are dynamic and no centralized infrastructure present.
Many routing protocols have been proposed in MANET. The aims of these routing protocols
are to provide a reliable and secure communication and remove fault in existing protocols.
Proactive (Table Driven Routing Protocols)

Proactive protocols maintain up-to-date routing table information in their routing tables and
regularly update the changes in the topologies as appears. When a topology change occurred
nodes on the network broadcast the update routing table throughout the whole network to
maintain up-to-date routing information. They work similar to the traditional wired network
routing protocols i.e. RIP, RIP2. The protocols from this class are not feasible for large
number of network as this cause more overhead in their routing tables and consume more
bandwidth.
The examples of different varieties of table driven protocols are given below:
• Topology Dissemination Based on Reverse Path Forwarding (TBRPF)

• Destination Sequenced Distance vector routing (DSDV)
• Optimised Link State Routing Protocols (OLSR)
• Cluster Gateway switch Routing Protocols (CGSR)
• Fish eye State Routing Protocol (FSR)
• Wireless Routing Protocol (WRP)
Reactive (On- Demand Routing Protocols)

Reactive protocols are also known as On-Demand Routing Protocols, their function is
entirely different than proactive routing protocols. They do not maintain the routing
information of the network topology; they get necessary information of the topology when
they are required. Additionally these protocols do not share routing information frequently.
The examples of different varieties of proactive protocols are given below:
• Dynamic Source Routing Protocol (DSR)

Page
16
• Ad Hoc On Demand Distance Vector Routing Protocol (AODV)
• Temporally Ordered Routing Algorithm (TORA)
• Associativity Based Routing (ABR)
• Location aided Routing (LAR)
Other Routing Protocol

Routing protocols are backbone of the network; a number of routing protocols are invented
according to network requirements and according to their hierarchical routing. Proactive and
reactive protocols are mostly discussed in MANET there are two other routing classes of
protocol called Hybrid and Hierarchical. The Hybrid routing protocol is a combination of
reactive and proactive protocols. The Hierarchical routing protocols used for scalable routing
scheme and set up a hierarchy which is fallow in way of anti trail. The example of
Hierarchical routing protocol is;
• Hazy Sighted Link State HSR

• Zone Routing Protocol ZRP
• Distributed Dynamic Routing Algorithm DDR
Comparison of Proactive, Reactive and Hybrid Routing

Protocol in MANET
Routing Protocol Advantages Disadvantage
Proactive Rapid establishment of Convergence time is slow,

routes and less delay. resources amount is used
Routing information is up- heavily. Routing information
to-data periodically. flooded in whole network.
Reactive Obtain the required path Routes are not up-to-date,

when necessary, saving large delay.
resources, do not exchange
routing table periodically
and Loop free.
Hybrid Up-to-data routing Required more resources for

information, limited search larger size zones. Arbitrary
cost and scalable proactive scheme within

Page
17
zones.
Table 4.Comparison of Routing Protocols [7]
Attack on Network Layer

In network layer, the attackers aim is to disturb the network traffic by attacking on network
layer, attacker injects a malicious packet between the source and the destination nodes trying
to get control of the network. Once the network is hijack attacker can easily misguide the
network and absorb the traffic. To understand this situation we shall look at the example as
given below, Figure 2.1 [8], network of three nodes S, X and D are formed node M is
malicious node and it trying to broadcast false RREQ packet to node X to get control of the
network. Figure 2.2 [8] shows the malicious node successfully gets into a network with false
RREQ. This example shows with having no route security between nodes therefore any
malicious node disturb the traffic on MANET.
S X D
Figure 2.1 MANET malicious node access attack on network
S X M D

Page
18
Figure 2.2 MANET malicious node attack on network
Yang proposed that two kind of attack fall in network layer, routing attacks and packet
forwarding attacks. [8]
Routing attacks
There are different numbers of attacks in MANET routing that can be launch against the
legitimate network by employing malicious nodes. The purpose of these attacks is to spoil the
current routing tables that has been built up by intermediate nodes and which are handling
smoothly around the network topologies. Following are the few of them which are commonly
launched to trigger the routing protocols.
Routing table overflow attack

In routing table overflow attack vulnerable node or group of nodes advertise route to
particular none existing node, which does not exist at all, the aim is to emphasis the
legitimate nodes on the network to join the advertise route. The goal of this attack is to
originate overflow of routing table that creates a large amount of routes by vulnerable node to
stop creating new routes from genuine node in the network. Proactive protocol is easy to
attack as proactive protocol use discover routing information before they send route to other
node on the network. [9]
Routing table poisoning attack

Routing table poisoning attack is classified as internal attack, as selfish node or set of
misbehaving node implement this attack for purpose to save the battery life or exploit the
routing. In MANET routing protocol maintain the information regarding the routes they learn
of different network topologies. Misbehaving or selfish nodes create fabricated routing
updates and modifies the original routing route and re-broadcasting the modified original
packet to other nodes on the network. As a result network becomes inaccessible to use. [10]
Route cache poisoning attack

Malicious nodes use the advantage of route information using technique known as
promiscuous mode where node can hear all the raw packet transmitted on the network and
can easily overhearing the packet and change the routing information enclose in the packet
header route cache. Route cache poisoning are mostly used in on demand routing protocols,

Page
19
as each node had a cache route that has the information regarding the route it has been routed
to know nodes in the network, this attack is much similar to eavesdropping attack.
Packet forwarding attacks or Advance attacks

Many new attacks on network layer have been identified which are brutal against legitimate
network and complicated to understand. Many new advance techniques are used to attack on
networks. In these attack many routing protocol for MANET are proposed to enhance to
solve the problem. Therefore, it is area of interest for researcher to find the loop hole for
MANET security.
Black hole attack

The black hole word is driven from the physics phenomenon, which mean swallow. In term
of MANET black hole means swallow the data packets. The black hole uses the concept of
generating false route and dropping data. The black hole performed two steps to accomplish
this.
First black hole malicious node advertises itself having a valid fresh routing paths etc.
shortest and stable path to the destination node. Secondly, once black hole node attract the
traffic toward itself and when the flow of traffic come to node its start dropping the
forwarding packet and do not forward the packet as result all packet through malicious node
is lost. As shown in the figure 2.3 [11]
Wormhole Attack
Wormhole attack is similar to black hole attack both attack share the similar phenomena, only
the difference in wormhole work with a collision with other nodes. The goal of wormhole
attack is to affect the MANET routing protocols etc AODV and DSR route discovery. First
attack record the packet at one location and tunnels it to another location by employing the
techniques using wired network or using an off link wireless channel at different radio
frequency. The tunnel between these two colluding is called wormhole.
Classification of wormhole attack

Wormhole can be classified into further five categories as proposed [12], [13]
• Wormhole using Encapsulation

• Wormhole using out of band channel
• Open wormhole attack
• Closed wormhole attack

Page
20
• Half open wormhole attack
• Wormhole with high power transmission
Wormhole using Encapsulation

When nodes S broadcast for the RREQ to its neighbours node C and node D, where as node
A1 and node A2 are colluding attacker. Nodes A1 records the RREQ request as forward from
node C. Node A1 tunnels the RREQ to its partner A2, and rebroadcast to its neighbours H.
The request is transmitted quicker than the request from node S to node A1. As a result node
D decide a route D-H-C-S and delete the route it had it before in its routing table. On the
other side node S choice route S-H-D which pass through A1 and A2. As shown in the figure
2.4
B C
M
A
E
D
RREQ A, B, C, D, E Node
Data
RREQ Malicious Node (M)
Figure 2.3 Black hole attack in MANET

Page
21
Wormhole using out of band channel
This stage the attack used a band channel which is in different frequency as compare to the
target network. The goal is to accomplish using a wired link or using out of band high
bandwidth channel between malicious nodes wireless link using a long range directional
antenna. When node S send a RREQ to node C and D neighbours, node X1 and X2 are
malicious nodes and using a out of band channel between them. Malicious node X1 forward
RREQ to malicious node X2, there X2 rebroadcast the packet to next neighbours so S get
three route request X1-X2-G compare to other route B-C-E-F-G where as the first route is
shorter than the second. [14]
X X
A I
1 2
Attacker1 Attacker 2
S D
Target
B C E F G
RREQ
RREQ through worm hole
RREP
Wireless link
Wormhole link
Figure 2.4 Wormhole attack Redraw [Rashid et al, 2008]

Page
22
Open wormhole attack
In this attack malicious node keep examine the wireless medium to process the discovering
RREQ packets, in the presence of malicious node in the network other node on the network
suppose that malicious node are present on path and they are their direct neighbours.
Closed wormhole attack

The attacker does not modify the capture packet nor did it modify the packet field head. The
attacker take the advantage when the packets are in the process to find a route know as route
discovery. At route discovery process attack tunnel the packet from one side of the network
to another side of the network and re-broadcast packets.
Half open wormhole attack

In this attack only one side of the packet is modify from the malicious node and the other side
of the malicious node do not modify the packet subsequently route discovery procedure.
Wormhole with high power transmission

In this attack malicious node use maximum level of energy transmission to broadcast a
packet, When malicious node received a Route Request (RREQ) by using route discovery
process, it broadcast the Route Request (RREQ) at a maximum level of energy of it power so
the other node on the network which are on the normal power transmission and lack of high
power capability hears the maximum energy power broadcast they rebroadcast the packet
towards the destination. By doing this malicious node get more chances to create a route
between source and destination without using colluding node.
Jellyfish attack
Jellyfish attack is much similar to black hole attack, Jellyfish attack use the same techniques
as black hole does. Jellyfish first invade on the forwarding packet once it get hold of the
packet it start delaying the data packet for a certain amount of time before forwarding them.
By doing this network performance significantly end to end delay and delay jitter occurred.
In jellyfish attack malicious node send/receive route request and route reply normally. The
main mechanism of jellyfish is to delay packet without any reason. [15]
Gray holes attacks

Gray holes attacks have two characteristics, first a malicious node broadcasting falsely
having a valid route to destination node with goal of intercepting packets. Secondly the node
drops the intercepted packets. [16] Claims malicious behaviour in many means. It could drop

Page
23
coming packet from destination while forwarding packets for other nodes on network. Other
different approach Gray holes malicious node can do is to drop all forwarding packet for
some time may behave malicious but switch to normal behaviour later.
Byzantine attack
These are vulnerable Byzantine attacks as set of few or numerous node work as cooperation
to launched the attack against the target network. The compromised intermediate nodes or set
of nodes worked as collusion to form an attack. The compromised nodes create routing loops
and may drop packets. Byzantine attacks are hard to detect.
Packet Replication
In this attack malicious node generate the replicates stale packets and start sending it to a
trigger network, in result the nodes on the network get overload of these packets and it will
consume the bandwidth of the network and start consuming the battery of the nodes as well.
Rushing attack
The authorized node in on-demand routing protocol require a RREQ packet in attempt to find
a path to destination. When a malicious node receives a RREQ packet from a source node it
rapidly broadcast it throughout the network topology before the other nodes on the network
topology receives RREQ packets. When nodes on the network received the original packet
they assume those packet are duplicate as they already received the packet form the malicious
node and discard the original pack
2.4 Transport layer Attack

Transport layer is the fourth layer of OSI layer model. MANET Transport layer can be
categorized in to connection oriented and connection less protocols which maintains the end-
to-end flow connection, end-to-end delivery and congestion control of communication among
nodes on the network. Transport layers DoS attacks are vulnerable as TCP does not have
mechanism to differentiate whether it loss data was a congestion error or malicious attack.
Fallowing attacks are classified on this layer. Transport layer attacks; which are as fallow
[17].
Replaying acknowledgement
Replaying attacks are more vulnerable than any other attack on transport layer. The MANET
transport layer protocols TCP- Reno are vulnerable as the function of this protocol is to
acknowledgement of the same segment multiple times signify negative acknowledgment.

Page
24
Malicious nodes take the advantage and start replying acknowledgment multiple times to
make the source node consider that packets are not transmitting successfully.
SYN flooding attack

In this attack the malicious node sent a large amount of TCP connection is created via a
victim node by only opening a half window through. Due to nature of this attack malicious
node never open the full connection to handshake. As like traditional network do, two nodes
must establish TCP connection using three way handshakes to process the communication.
Once the attack is launch the malicious node generating vast amount of SYN data packets to
faulty node.
Figure 2.5 SYN flooding attack Hijacking [18]
2.4.3 Session hijacking

In session hijacking the malicious node spoofs the IP address of the victim and concludes the
right sequence number and implements a DoS attack. Session hijacking giving a opportunity
to a malicious node to act as a authorized node. Once the DoS attack is performed the target
nodes become occupied for time being. The malicious node masquerades as one of end nodes
of the session and hijack the session.
Figure 2.6 Session Hijacking [18]
2.5 Application layer Attacks

Application layer is upper last OSI layer the function of this layer is to provide the end to end
communication between nodes; application layer represents the software application that
provides the network services and connection to lower layer of OSI model. Many application

Page
25
layer attacks has identified in MANET as traditional wired network and MANET share the
elements and parameters to function and to perform the application interference to share the
same similarities. As MANET is self-organised nodes therefore they are mostly like to get
attack from malicious nodes.
2.5.1 Application layer attacks MANET

The application layer interacts with software application of the OSI layers closest to end user.
The functionality of application layer is to identifying communication protocols like HTTP,
FTP, SMTP and TELNET etc and maintaining by direction flow of communication between
end nodes on the network. Application layer faced vulnerable activities like other OSI layers
does. However the attacks launch attack on network through malicious code and repudiation
attack because this layer supports varieties of protocol. Once get attacked node not only
suffer from degrading the network it also effect on it Operating System (OS), Trojan and
Malware are the common examples of application layer attacks. An attack can launch
application Denial-of-Service attack (DoS), it could be accomplished by attack start sending a
large amount of request to application layer. Like HTTP attack flood hundreds of page
request to web server which bring down the capability of the processing time. This process
highly build computational load on MANET server and may degradation the network of loss
of availability of the application.
Malicious attack
In this attack a malicious node attack on the operation system (OS) of the other host node on
the network. Malicious node sent a Malware or Trojan virus in to a victim node. These
attacks are severe and cause victim node to stop using the network resources. Malicious code
attacks are a vulnerable programme that attack on host nodes. Trojan virus infects the
operation system however Malware code copy itself on the network and keep spreading
around the network. the aim of these attack are to constrain itself on the network and
whenever a new nodes get IP access it start itself on the operation system on the node without
giving any notice to node. These attacks mostly seek the specific information on the
legitimate node and sent information to malicious node which will be used to collection
personal information and specifics information to attack on other nodes.
Repudiation attack
Transport layer and network layer security is not enough to prevent the attacker to attack on
the nodes in network. Repudiation is the attack which is by passed by a attacker from
transport and network layer. Repudiation attacks refer as denial of participation in the

Page
26
communication. Repudiation attack can be seen as Malware where as an attacker node keep
accessing the system as a selfish node and deny any conducting operation which is coming
from system in order to communication on the network.
2.6 Cross layer security Attack

Attack on MANET exist on number of OSI reference model, but many of few attacks can be
launched are not specifically according to OSI reference model they are known as cross layer
attacks. However MANET attacks are distinguish in to active and passive attacks. Active and
passive give a better understanding of attack which is implemented from malicious node to
legitimate networks.
Active attack
In active attack the packet transmitted over the wireless radio frequency could be modified or
corrupt during the data exchanged among network nodes from intercepting of malicious node
to trigger network. A malicious node can modify the packet by setting up false information
into packet header, as result routing events puzzled and degrades the network performance,
Active attacks can be classified in two categories internal attack and external attack
Internal attack
Internal attack are took place inside the network, selfish nodes misbehave against the network
accordance to be faithful to network; the purpose of selfish node is to save the battery life or
its own purpose and not forwarding packet to other nodes. These attacks on network are hard
to detect compare of external attacks as attacker is inside of the network and damage the
resource of network by not cooperation.
External attack
These attacks are take place from outside the network from those node that do not are part of
the legitimate network. To prevent these attacks as a caution to use an encryption technique
mechanism and using firewall to block that access of unauthorised node from network
resources.
Passive attack
The function of the passive attack is to listening the radio frequency channel and get as much
as information on the network traffic before launch any attack whist the passive attacks are
launched to steal the important information regarding to target network such as
eavesdropping and traffic analysis. These attacks are also harder to detect.

Page
27
i) Modification attack
In this attack the malicious node gather the requirement information on which routing
protocol network is running this can be accomplish by using eavesdropping to hear the raw
packet transmission. Once the required information is gather malicious node create changes
in the routing table of the target network and start broadcasting it. Due to the nature of the
MANET they are mobile nodes new path are discovered and break frequently. Malicious
nodes take the advantage of this phenomenon and participate in packet forwarding process
and launched the message modification attack. [25]
ii) Man-in-middle attack
This attack is also known as Tunnel attack, the attacker take control of the transmission
between the source and destination by intercepting them. The intension of attack is to either
to change sent messages or gain the useful information on the intermediate nodes on network.
iii) Fabrication attack
Fabrication attack is also called as tampering attack, in this attack malicious node do not
interrupting or modifying any routing table thus the attacker fabricate its own packets and
transmit it on the network to create a chaos to bring down the network. Fabrication attacks
can also be launched from the internal misbehaving nodes like route salvaging attacks.
iv) Route salvaging attacks
This attack is launched by internal nodes such as misbehaving nodes the purpose of this
attack is misbehaving node salvage their own packets duplicate them and rebroadcast them
on the network with no error messages. This attack could be more dangerous for the network
if this attack is implementing with the collaboration of other misbehaving nodes. These
attacks not only consume unnecessary bandwidth but also drain off the resources of the other
intermediate and destination nodes.
v) Sleep deprivation attacks
The aim of this attack is to drain off limited resources in MANET nodes etc, energy power,
by keep sending the route request to the trigger nodes. Hence routing protocol, sleep
deprivation attack can be launched by flooding the unnecessary routing packets in order to
make the node unable to participate in the network and unreachable by other nodes on the
network.
vi) Location Disclosure

Page
28
A location disclosure attack can expose information about the network topology and the
location of nodes and structure which are set place. The information of location disclosure
may be very helpful in regards to adjacent to the target or physical location. Routing hop
limit is used to measure the distance and sending ICMP error is recorded. Using these
techniques attack can find out the target nodes.
vii) Information Discloser attacks
In this attack a node can disclose the confidential information to malicious node, like location
or structure of the network topology which is useful for the malicious node to launch a attack
on a specific network in result malicious node gather all the information which it need and
which node is suitable to implement a attack.
Chapter NO.3
3.1 MANET Security Services

Security in MANET has been an active research area from past few years. MANET posed
several security threats and challenges when it comes to security. Security is a critical issue
as MANET are dynamically move able nodes, security is a big challenge to make the
communication reliable and secure from eavesdropping as wireless medium is more
susceptible to attack. In respect to MANET security the goal is to provide a ultimate security
among nodes to communicate such as authentication, confidentiality, integrity, and non-
repudiation are the basic requirement of the secure communication on the radio frequency
medium.
Authentication
Authentication is the mechanism that node use to validate the data when transmission is
taking place by authorized nodes, this process of communication is authentic. Without
authentication malicious nodes get access on the network and data can be modify without any

Page
29
prior notice to authorized nodes. Authentication stop the access of other malicious node to
function or to duplicating data to assure the recipient that message is from that source node
sent to other node in network.
Confidentiality
Confidentiality purpose is to ensure the access to legitimate nodes on data, as confidentiality
could be compromised by other means through malicious nodes. MANET data that send to
other nodes have to be comprehensible to receiving node only, there is a probability that
message can be intercepted by intruder node. In mobile ad hoc network confidentiality is vital
part for securing the transmission on wireless radio as sensitive of data. As an example the
transmitted messages send on mobile ad hoc network can be caught by adversary appearing
as authenticated mobile node by using a spoofing attack, as result this vulnerable activity
malicious node get access to that data. To avoid this problem is used a technique called data
encryption known as cryptography.
Integrity
Integrity ensures the process of changing or to interception of modifying the information by
authorized nodes in MANET other task of integrity is to make sure the message transmitted
on the wireless medium never corrupted, a massage can be corrupted by malicious nodes. By
doing this kind of attacks the adversary may change or duplicate the data packet information
message or could redirect the network traffic to other routes or to a different destination node.
Availability
Availability proceeds the survivability and functioning of network to provide guaranteed
services at all the times despite malicious or misbehaviour nodes on the network. If a
malicious node or denial-of-service (DoS) attacks launch against the network, where DoS
attack can be launched at any layer of OSI model on MANET. A malicious node use jammer
to obstruct the transmission on physical layer, or data link layer to disable the back off
mechanism or on network layer to halt routing by disturbing route discovery process.
Additionally, malicious node brings down network resources. Therefore to combat these
challenges key management is fundamental for implementation of any security framework.
Non-Repudiation
Non repudiation ensures the process of sending information among nodes on wireless
medium by sending nodes and receiving nodes. The nodes does not deny of information that
be transmitted or received by using a special mechanism called digital signature know as
cryptography which functions unique identifiers for each other. [19]

Page
30
Characteristic Aim Remarks
Confidentiality Prevent the information to Data encryption

unauthorized access
Integrity avoid illegitimate deletion Hash function

modification
Availability Network resources Tackling MANET

accessible to nodes within
the network
Non-repudiation Stopping malicious nodes Using of signature on

to access the network packets/messages
Table 5. A Review of Security Parameters in Mobile Ad-hoc networks. [26]
CHAPTER NO.4
IMPLEMENTATION
4.1 Discrete Event Simulator (DES)

Discrete event simulator (DES) is a modelling of system which defines inconsistent value
changes on the condition of discrete set of point in time. Discrete event simulator is mostly
use for a packet by packet model of the network topology in network communication. The
simulation models are measured or analysed by numbers to a certain extent of analytical
methods. Analytical simulator which is combines of mathematical formulas etc, algebraic
equation, stochastic process or differential equations to solve the model requirements [20]
[21]. There are different types of simulator that can distinguish etc, protocol, processing.
4.2 Continuous simulation

Continuous simulation is the system performance which can be characterized by different
equations and the simulation consists in solving the equation. It is a simulation of a system of
liner or non-liner differential equations. This set of equations could be represented in time
domain or transform domain. [22]
4.3 Test bed Labs

The test bed are use for experimental purposes in labs where real systems are placed in to get
the outcome of the selected protocol or application to measure the performance for future
purpose or analyse the traffic point to point delay. The implementation of selective protocol

Page
31
and applications are harder to implement as they have their own drawback like the cost of the
hardware to install is expensive in terms of use and to monitor these systems [23].
4.5 Simulation tool

To demonstrate a research on MANET security issues there are different variety discrete
event simulator available. Such as NS-2[27], OPNET[28], Glomosim[29], QualNet[30],
OMNet++[31] . I decide to work on discrete event simulator OPNET MODELER 14.5, the
reason for using this software is because of it highly rich features, it has a leading atmosphere
for network design and modelling simulation, it support all most all industry standards
network protocols, applications and devices. OPNET Modeler generally produces accurate
result compare to other discrete simulators [24]. OPNET is recognized largely from many IT
organizations. In addition to that, it’s programming library help researchers and professionals
to modify the network component to measure the performance in the OPNET simulation. The
OPNET environment includes the study of all phases etc, Model design, data collection,
simulation and analysis.
4.6 The Architecture of OPNET

The methodology and the concept which make the OPNET user friendly is it simple
architecture. Highly rich modelling environment for modelling and perform the evaluation of
communication and distributed system are the most appealing features. The OPNET software
suits come with a number of tools, each single suite emphasis on particular characteristic of
modelling task. These tools are classified in to three parts as shown in Figure 9.2, all these
three parts are inter-connected to make to flow of simulation data to generate. These three
phases of modelling and simulation projects are
1). Specification
2). Data collection and simulation
3). Analysis
Re-Specification
Initial Data Collection

Specification and Simulation

Analysis
Page
32
Resource: OPNET MODELER Documentation
The phases are accepted to execute in sequence path and form and simulation cycle.
4.7 Intelligent Pulse Jammer Attack Model

In this thesis we have implemented the intelligent pulse jamming attack, as jamming devices
can be easily implemented to attack on the network. The function of Jammer is to deny
network transmission services to authorized users by generating noise on the wireless
medium in order to block the access for authorized nodes. Jammer node keep sending the
high frequency packet on the wireless medium at constant rate or at pulse rate by prohibit the
traffic flow to authorized nodes on the wireless medium. Intelligent pulse jammer attack is
created and implemented on “Ad Hoc On Demand Distance Vector, Geographical Routing
Protocol, and Optimized Link State Routing”, all these routing protocols are implemented on
each single network scenario where first normal traffic is generated by defining the
application and profile parameters later by introducing the intelligent jammer attack on the
network to compare the results.
There are many different kind of jammer which can be use against the target network; most
commonly are Constant Jammer, Deceptive Jammer and Random Jammer and Reactive
Jammer. Scenario 1, 2, and 3 focus on intelligent pulse jammer attack, the reason to call
jammer a intelligent is because it’s pulse off time and pulse on time are the main parameter
which act on jammer to behave on and off at certain time as define to generate the
transmission. Additionally the jammer node transmit power is set lower than the normal
nodes on the network, is to prove that jammer with low transmit power can create a great
impact by reducing the throughput of the target network and calling our pulse jammer as
intelligent pulse jammer.
4.8 Misbehavior Node Attack Model

The purpose of misbehavior node is not to function properly in the network. Misbehavior
nodes achieve its goal by acting maliciously. It stops forwarding packet to other nodes, by
simply start dropping the packets, consume the bandwidth of the network by broadcasting
route when not necessary etc. The misbehavior nodes stop performing the basic task and as
result the network become congested and the traffic on the network lead to delay of data and
degrade the performances of the network. In this thesis we examine the misbehavior node on

Page
33
Optimized Link State, Geographical Routing Protocol, and Ad Hoc On Demand Distance
Vector routing protocol. We have make changes in misbehaviour nodes to act maliciously by
dropping the packet which it received from other node on the network and make delay to
forward the packet to it other node on the network. To act differently we change the packet
size and packet inter-arrival time so the misbehavior nodes behave different rest of the
network.
For each single scenario first normal network traffic is generated and later by introducing
three misbehavior nodes on each single scenario and comparing the results.
4.9 MANET Network Model

A campus network scenario 800x800 is created, 29 MANETs nodes are deployed on OPNET
Modeler simulator. We use IEEE 802.11 network standards for MANET nodes. The numbers
of nodes in MANET scenario are kept as 29, the simulation run time for each scenario is set
at 300 seconds with the seed value 128 and simulation kernel is set as optimized mode. The
number of network scenario are six, each network scenario is implemented with different
routing protocol. First three scenario are on Intelligent pulse Jammer attack, Scenario 1 focus
on intelligent pulse jammer attack on Optimized Link State Routing protocol (OLSR),
Scenario 2 is on intelligent pulse jammer attack on Geographical Routing Protocol (GRP),
scenario 3 is on intelligent jammer attack on Ad-Hoc On Demand Distance Vector(AODV).
Other three network scenario are on misbehavior attacks, scenario 4 examines the
misbehaviour attack on Optimized Link State Routing protocol (OLSR), scenario 5 on
Geographical Routing Protocol (GRP) and last scenario 6 describe the misbehaviour attack
on Ad-Hoc On Demand Distance Vector (AODV).
4.10 Application Configuration Setting

Application configuration is use to run the applications on MANET nodes on the network.
The function of application configuration is to specify the applications that will use to
configure user profile. In order to run any network simulation in OPNET modeller there is a
need to define the application which will generate traffic on the network. The applications we
decided to run on our network are FTP (Medium Load), EMAIL (Medium Load), and
DATABASE (Low Load). The following figures show the attributes of the application
configuration setting.

Page
34
4.11 Profile Configuration Setting
The function of profile configuration is to define the activity prototype of user in requisites of
the application used over a period of time. Profile configuration use the duration of time that
each application runs on the network node. Profile configuration also specific the operation
mode as serial (Ordered), serial (Random) and simultaneous. For FTP, EMAIL and
DATABASE applications the start time set as uniform (5,10) and duration set as end of
Profile where as the number of repetitions are set as unlimited for the above applications. All
the application profile is set as serial (ordered) in profile configuration.

Page
35
4.12 Mobility Configuration Setting
The mobility configuration setting allow the MANET nodes to move around in random
direction so the link between nodes can break and new link will be establish by discovering
new routing tables. Therefore, I have made some changes in Mobility random waypoint
parameters. Speed is set as uniform_int (0,10), pause time is set as constant (50), start time
set as constant (10) and stop time is left default end of simulation.
4.13 Node Model Traffic Packet setting

In MANET nodes act as router and host to forward the packet to other nodes on network. In
our simulation network scenario all the MANET are mobile nodes and all nodes trajectory is
selected as vector, traffic generation parameters for start time is set as 5.0, All MANET nodes

Page
36
are attached with a standard wireless IEEE 802.11 network card with data rate (bps) 11Mbps,
Institute of Electrical and Electronics Engineers (IEEE) define three main operational
standards for wireless LAN i.e. IEEE 802.11 a/b/g, These all three standards belong to
IEEE802.11 protocol family. The most deployed wireless network standard is 802.11b,
Majority of the public use this standard. The data transfer rate is 11 Mbps, whereas the actual
data transmission rate achieved is approximately 4-7 Mbps. we shall define the packet length
according to the IEEE 802.11 which is 0 to 2304 bytes plus 28 bytes header filed. To set the
packet value of IEEE 802.11 in MANET node we change the packet size of MANET node to
Packet size (bits) exponential 16000 bits, where 16000 bits equal to 2000 bytes. IEEE 802.11
b specification describe if network is larger than 2304 bytes the source node discard the
packet. The inter-arrival time is exponential (.03) unless otherwise specified. The RTS
threshold is define 128 bytes on MANET nodes, data packet whose size is WLAN MAC
header of 28 bytes exceed threshold need RTS/CTS frame exchange before transmission of
the actual packet over the wireless medium. Buffer size of each single MANET node is
define as 102400 rest of the value of the MANET nodes are left default etc. Channel settings,
Physical Characteristics, Large packet processing.

Page
37
4.14 Creating Intelligent Pulse Jammer Node Model
Creating Intelligent Pulse Jammer node model is different than create a MANET node model.
The reason of that is Pulse jammer node has different structure than MANET node it has
radio transmitter that continuously generate the noise on wireless medium unless specified by
it source attributes to change it pulse on and pulse off setting. Pulse Jammer node can be
deployed as fixed, mobile, and satellite node. To implement intelligent pulse jammer node on
network scenario we have to modify the Jammer node attributes in OPNET Modeler
simulator. Jammer node band frequency is set as 2402, and the jammer bandwidth specifies
the frequency in MHz as 100,000. The jammer transmitter power is set as 0.001. Once
defining the attribute of the pulse Jammer node, we shall define the source attributes of pulse
jammer node, pulse off time is set as 0.000399 and pulse on time is set as 1E-006.

Page
38
4.15 Creating Misbehavior Node Model
Creating Misbehavior node is similar to normal MANET node. By applying the different
packet setting misbehavior node act different on the network. We have change the packet size
as uniform (190,220) and packet inter-arrival time is set as exponential (.005)
4.16 Scenario 1
Performance of Optimized Link State Routing (OLSR) protocol under Intelligent Pulse
Jammer attack
First, we implemented Optimized link State protocol on 29 MANET nodes all node are
configure default OLSR setting of Ad-Hoc routing parameters in OPNET Modeler. The area

Page
39
is defined as of 800x800. Application configuration, profile configuration and mobility
configuration are defined and implemented in order to generate the traffic under OLSR
routing protocol. The traffic result is recorded. Secondly, we placed two intelligent pulse
jammer nodes in the OLSR network within 29 MANET nodes and named the scenario as
OLSR_JAMMER, the jammer nodes will transmit packets on pulse time setting on the
wireless medium until simulation time end. We have recorded the results against the normal
network with OLSR and with intelligent pulse jammer nodes under OLSR and compared
with in term of Throughput, Delay, Traffic sent, Traffic Received, packet dropped and error
messages.
4.17 Scenario 2
Performance of Geographical Routing Protocol (GRP) under Intelligent Pulse Jammer
attack
In this scenario, first we implemented the Geographical Routing Protocol on MANET nodes
with the default GRP setting in OPNET Modeler. The area of GRP is set as 800x800 so
nodes can freely move in random directions. Application configuration, Profile configuration
and mobility configuration are defined. The results are noted under the GRP routing protocol
with normal traffic. Later we implemented intelligent pulse jammer attack under GRP routing
protocol and named the scenario as GRP_JAMMER, the results are compared in term of
throughput, delay, traffic sent, traffic received, packet dropped and error messages.
4.18 Scenario 3
Performance of Ad-Hoc On-Demand Routing (AODV) under Intelligent Pulse Jammer
attack
In third scenario we use the Ad- hoc (AODV) routing protocol on 29 MANET nodes with the
area 800x800. Application configuration, profile configuration and mobility are defined as in
scenario 1 and 2. Once the normal traffic result are collected we duplicated the AODV
scenario and name is AODV_JAMMER by introducing two pulse jammer nodes under
AODV nodes. And compare the capture result against the throughput, delay, packet dropped
and error messages.

Page
40
4.19 Scenario 4
Performance of Optimized Link State Routing (OLSR) protocol under Misbehavior
attack
In this scenario we have implemented misbehavior node attack on Optimized Link State
Routing protocol. Before implementation attack we define a network with random mobility
so MANET node can move around in the area of 800x800. Misbehavior node attack is
different compare to intelligent jammer attack. Misbehavior node act maliciously act to drop
packets and stop forwarding packet to other nodes and consume bandwidth. To generate the
traffic on the network we define the application configuration which contain data the
application used in the network, in profile configuration different application are associated
to generate the traffic. The application used in Misbehavior node are FTP (Medium Load),
EMAIL (Medium Load) and Database (Low Load). In our misbehaviour node we only
change the packet size of the node. Our model act genuinely because we haven’t change any
power transmitter value, same RTS value be use as for normal MANET node used. Apart
from packet size nothing else is modified in misbehavior node.
We run a normal network with 29 MANET nodes using default setting of OLSR routing
protocol within area of 800x800. Same application configuration, profile and mobility are
used as mention above. All the result of normal network has noted. A new scenario is created
with the name of OLSR_MISBEHAVIOU, here we placed three misbehavior nodes at
different position so when the traffic is generated among other nodes misbehavior node start
dropping and stop forwarding packet to other nodes. All results are capture and compare
against the normal network in terms of throughput, delay, packet delivery ratio and network
load.
4.20 Scenario 5
Performance of Geographical Routing Protocol (GRP) under Misbehaviour attack
Geographical Routing Protocol is implemented as default setting of GRP in OPNET Modeler

under 29 nodes the area size, application configuration, profile configuration and mobility is
kept as mention in earlier scenarios. First normal traffic is generated under GRP routing
protocol later duplicate the scenario with same parameter with name of
GRP_MISBEHAVIOUR, three misbehaviour nodes are placed at different position in the
area of 800x800. After simulated both normal scenario network and GRP_MISBEHAVIOUR
network we compare the result of each scenario in terms of throughput, network load, packet
delivery ratio and delay.

Page
41
4.21 Scenario 6
Performance of Ad-Hoc On-Demand Routing (AODV) under Misbehaviour attack
The last scenario focuses on the performance of Ad Hoc On Demand Routing (AODV) under
three misbehaviour nodes. The MANET nodes are configured to use default AODV routing
protocol in OPNET. Application, profile and mobility defined as mention earlier scenarios.
Normal traffic result capture once simulated new duplicate scenario is created with a name
AODV_MISBEHAVIOUR where we introduce three misbehavior nodes and once collected
their result we compare result against the normal network.
4.22 Performance Metric and Analysis

Performance metric are important aspect to perform analysis on network and to explain the
implementation of the simulation setup, its design are explained, and a key factor to evaluate
the real performance of the network. In our network simulation we decided to chose, Packet
end to end delay, throughput, delay and network load.
 Packet Delivery ratio
Packet delivery ratio is number of data packets received by destination nodes

divided by number of data packets transmitted by source nodes.
 Delay
The packet end to end delay is the average time of the packet passing through inside
the network. It includes all over the delay of network like transmission time delay
which occurs due to routing broadcasting, buffer queues. It also includes the time
from generating packet from sender to destination and express in seconds.
 Throughput
The ratio of the total data reaches the receiver from the sender. The time it consume
by the receiver to receive the last packet is called throughput [33]. Mathematically
throughput can be characterized as in equation [34].
Throughput=Number of delivered packet*Packet size*8/Total duration of simulation
 Network load
Network load is the total packet sent and received across the whole network at a
particular time.

Page
42
 Packet Dropped
Packet dropped shows how many packets successfully sent and received across the
whole network. It also explains the number of packet dropped during the
transmission due to interference from other devices.
Conclusion
This chapter describes the model of the network we implemented to focus for our
results, we explain in well detail the parameters chosen for application configuration,
profile configuration, mobility, and we also explain the model value settings of
MANET nodes, intelligent pulse jammer and the modification of misbehaving nodes

Page
43
CHAPTER NO.5
5.1 RESULT AND ANALYSIS
In this chapter we briefly explain the several metric parameters which are packet end to end
delay, throughput, network load, packet dropped. All these metric are taken from the earlier
chapter scenario’s result of each MANET simulation. All these result are first compared with
their normal scenario where no malicious activities take place. We have analysis the results in
term of MANET security likewise, availability, confidentiality and authentication.
5.2 SCENARIO 1
Comparison of Optimized Link State Routing (OLSR) protocol under Intelligent Pulse
Jammer attack
To view the simulation results and to compare them we have run the model network
simulation, a model network simulation is explained in chapter no 4. The scenario is run three
times to make sure the result are accurate and compared with several metric parameters. The
results of the simulation are noted and are as follows:
Fig 5.1 Normal traffic without any attack and Fig 5.2 traffic under jammer attack

Page
44
The fallowing graphs shows the OLSR protocol behaviour with and without under intelligent
pulse jammer attack.
Fig 5.3 Normal OLSR routing protocol Fig 5.4 OLSR routing under intelligent pulse
Jammer
Evaluation
5.2.1 Throughput
Figure 5.4 Intelligent pulse jammer attack on OLSR shows a significant result. The pulse
jammers reduce the throughput of the entire network by generation raw packet (noise) in the
wireless medium. The simulation started time on both scenarios normal traffic of OLSR and
OLSR with jammer attack is 5.0 second and up till 300 seconds. The overall throughput of
normal network is 1,400,000 bit/sec (1.4 Megabits) however compare with intelligent pulse
jammer attack the overall throughput on entire network is reduce to 1,200,000 bit/sec (1.2
Megabits). Therefore we can conclude the jammer attack use the wireless medium and
decrease the network traffic throughput.

Page
45
Figure 5.4
5.2.2 Network Load

The network load shows the occurred event on the network traffic by introducing the pulse
jammer attack. It can be seen clearly the network delay slightly reduce when the jammer start
generating raw packet on the network. Figure 5.5 shows the normal traffic on network load
with average of 1,313727 bits/sec (1.3 Megabits) and later with jammer node on network
showed the network load with average 1,086427 bits/sec (1.0 Megabits). The network load
made a huge impact.
Figure 5.6

Page
46
5.2.3 Delay
The Figure 5.7 shows the delay increased in presence of pulse jammer nodes with overall
delay is start increased at the start of the simulation in pulse jammer scenario compare with
the normal network. we can say that due to abnormal activities due to pulse jammer nodes on
network had make network more vulnerable which reflect the need of confidently,
availability and authentication on network. The delay is increased up to 26 seconds compare
to normal network at 22 seconds.
Figure 5.7
5.2.4 Packet Dropped

The normal OSLR network packet dropped is lower than the OLSR under pulse jammer
attack shown in Figure 5.8 the reason of that packet dropped showed that at the power
transmit 0.001 still can be effective compare to normal node where power transmit is set at
0.005. As pulse jammer generated raw packet than normal OLSR network. The packet
dropped average of pulse jammer is 1,400,000 bits/sec (1.4 Megabits) where as the normal
OLSR network packet dropped average is 1,200,000 bits/sec (1.2 Megabits). If we compare
Packet dropped graph of OSLR with throughput graph of OLSR we observe the throughput
of OLSR normal network was 1.4 megabits but in case of packet dropped the OLSR normal
network packet dropped average is 1.2 megabits. This shows the packet sent to its destination
or to forwarding other nodes were successful as compare to introducing the pulse jammer
reduce the performance of network in all means.

Page
47
Figure 5.8
5.2.5 OLSR routing Hello packet

The OLSR routing protocol is observed by implementing pulse jammer node attack on the
network in Figure 5.9. The jammer attack clearly showed that it not only disrupted the
throughput and network load but it also decrease the routing table of OLSR routing protocol.
During the jammer attack the Hello packet decrease compare to normal network. Hello
packet traffic sent rate as normal network 16,000 bit/sec (14.5 Kilobytes) and with pulse
jammer is 14759 bits/sec (1.84 kilobytes) it is clearly observed during the abnormal activity
cause of jammer node disturbed the routing forwarding table to other nodes due to the noise
in the wireless medium.

Page
48
Figure 5.9
5.3 Scenario 2
Comparison of Geographical Routing Protocol (GRP) under Intelligent Pulse Jammer
attack
Scenario 2 is examined the Intelligent pulse jammer attack on Geographical Routing

Protocol. We run the simulation and capture the results shown in Figure 5.10. The simulation
run time is set as 300 seconds.
Figure 5.10 Network with GRP routing protocol
the next Figure 5.11 and 5.12 show the performance GRP routing protocol without and with
intelligent pulse jammer attack.

Page
49
Figure 5.11 GRP wihout Pulse Jammer attack Figure 5.12 GRP with Pulse Jammer attack
Evaluation
5.3.1 Throughput
To evaluate the result of GRP routing protocol under intellignet pulse jammer attack are
compare to the GRP normal network and GRP Jammer network in Figure 5.13. we analyse
the throughput of the entire network with and without intellignet pulse jammer. The graph
show that with jammer attack GRP routing protocol had a severe effect on network
throughput. The normal network throughput recorded as 35,500,000 bits/sec duration of 300
seconds, where the start time to generate traffic set as 5.0 seconds. On the other hand the
GRP with jammer attack showed a throughput of 1,000,000 bits/sec which is two times less
than the original recorded on GRP with normal network scenario. If we convert the bits/sec
rate in to megabits we get better view to understand the network performance with and
without jammer nodes on the network. without jammer the total throuput is 3.5 megabit per
second and with two pulse jammer nodes the total throuput is 1 megabit per second.

Page
50
Figure 5.13
5.3.2 Network Load

The network loads show the Figure 5.14 of GRP normal network and GRP with pulse
jammer. It shows the network load increased by introducing of pulse jammer. The reason of
that is pulse jammer generating a noise on radio frequency in pulse time which increases the
network load on the network.
Figure 5.14

Page
51
5.3.3 Delay
The delay on GRP routing protocol shows a great impact on the throughput on the network.
The normal network delay is constant on x-axis however with the intelligent pulse jammer
nodes the delay is increased exponentially. It has clearly showed the increase in delay will
affect the reliability of the network and takes the network in to the congestion dead lock as
shown in Figure 5.15
Figure 5.15
5.3.4 Packet Delivery Ratio

The Packet delivery ratio conclude the traffic send and traffic received on MANETs by the
destination nodes or forwarding data for other nodes from the source node, clearly showed in
Figure 5.16 that pulse jammer destroyed the transmission on the radio frequency due to its
malicious activity of generating noise. Analyses on graph shows the Normal network average
MANET traffic sent rate is at 16,000,000 bits/sec on the other hand the normal MANET
traffic received average rate is 2,000,000 bits/sec with duration of 300 seconds. When
implementing intelligent pulse jammer attack the MANET traffic sent and MANET traffic
received rate is decline rapidly. Packet delivery ratio has highlighted the affect of pulse
jammer traffic sent/received on MANET nodes. Pulse jammer node reduces the traffic sent
average rate to 2,000,000 bit/sec where as the normal MANET node traffic received rate was
2,000,000 bits/sec. On the other hand the pulse jammer node severely reduce the MANET
traffic received rate on the network with average rate of 366,810 bits/sec (45.85 kilobytes)
compare to 2,000,000 bits/sec (2 Megabits) of normal MANET traffic received average rate.

Page
52
Figure 5.16
5.4 Scenario 3
Comparison of AODV under Intelligent Pulse Jammer Attack
The result of AODV under Pulse jammer attack had been taken, implementation had defined
in chapter no 4. Simulations are run at number of time to make sure the results are accurate.

Page
53
We compare the results under a number of parameters. Captured results of simulation are as:
Figure 5.17 AODV normal traffic responses Figure 5.18 AODV under Pulse Jammer traffic

Page
54
Figure 5.18 Normal traffic response Figure 5.19 Pulse Jammer traffic response
Evaluation
5.4.1 Throughput
The normal network throughput is compared with intelligent pulse jammer attack in Figure
5.20. As we notice the difference of attack with pulse jammer lead network to congestion and
decrease the network performance. Network reaches at lowest throughput decrease at
beginning of the simulation when jammer start generated the noise; the total network
throughput is 5000,000 bit/sec (5.5 megabits) whereas by implementing jammer nodes the
throughput on the network is decrease. We can say the usage of channel lead to congestion
and network performance is decrease
Figure 5.20
5.4.2 Network Load

Network load of the whole network is shown in the Figure 5.21. Comparing the two
networks, normal network and pulse jammer attack network shows a load with pulse jammer
attack decrease the network. The bandwidth available to the network is highly reduced in
presence of jammer nodes. As packet sent from the MANET node to other nodes on the
network are lost due to jammer nodes. This clearly reflects the availability and reliability of
MANET nodes in terms of security.

Page
55
Figure 5.21
5.4.3 Delay
The Figure 5.22 shows the delay between normal network and with jammer nodes. A gradual
decrease on y-axis is clearly seen. By observation the pulse jammer attack the delay starting
at co-ordinates of the beginning of the simulation and last it till at end. Most probably the
reason of that is jammer start sending packets on the wireless frequency on it start time and it
get increased due to noise in the network which prevent the MANET node to continue the
transmission on the network.

Page
56
Figure 5.22
5.4.4 Retransmission Attempts

Retransmission attempts occurred in network when delivery of packet is dropped or lost
without reaching the destination nodes. Retransmission attempts have increased in presence
of pulse jammer nodes shown in Figure 5.23. Pulse jammer network and normal network start
broadcasting request for creating route among the nodes. The normal network starts
broadcasting the request route to build routing tables. Therefore the increase of
retransmission attempts affect directly proportional of the network due to load that is
increased on entire network.
Figure 5.23
5.4.5 Route Discovery Time

To measure the route discovery time the Figure 5.24 showing the route discovery time of
AODV under pulse jammer attack. The normal network route discovery time is constant from
7 minutes to until at the end of the simulation. The up and down route discovery time of
AODV under normal network is unbalanced until the time of 7 minutes. This is because of
the reason when MANET routing start initializing at the beginning of simulation it start
broadcasting the routing table. Compare to under pulse jammer attack the vulnerable nodes
starting the raw packet transmission in order to make the network vulnerable in terms of
complex transmission or to degrade the MANET performance by making noise on radio
frequency. First the jammer nodes make it complicated for MANET to performance route

Page
57
discovery time by time go it make it more worse and gradually decrease the time of route
discovery.
Figure 5.24
5.5 Scenario 4
Comparison of Optimized Link State Routing (OLSR) protocol under Misbehavior
nodes
After implementing intelligent pulse jammer attack, scenario 4 focus on the result of the
misbehavior nodes, the implementing and the parameter setting has already defined in earlier
chapter 4. We have run the misbehavior nodes simulation network with number of time to
make it show the results are accurate meanwhile compare those results with the normal
network to analyse and understand the impact misbehavior nodes made on network.
In this scenario, we compare the Optimized link state routing protocol under misbehavior
nodes, the simulation run time is set as 300 seconds, and the fallowing graphs will give
details of the results and evaluation between the normal network traffic response and
misbehavior traffic response.

Page
58
Figure 5.25 & 5.26 With normal traffic response with Misbehavior nodes
Figure 5.27 & 5.28 With Misbehavior nodes traffic response in network.
Evaluation
5.5.1 Throughput
The Figure 5.29 shows the entire throughput of the network with misbehavior nodes and
without misbehavior nodes in the network. Throughput progressively increased to 1,5,10,313
bit/sec with in a set time of 300 seconds. On the other hand nodes on the misbehavior
performance reduce the throughput of the entire network and keep at constant rate of

Page
59
1,443,790 bits/sec. The vulnerable activities of misbehavior nodes didn’t decrease the
throughput gradually but keep it at a constant rate. However the misbehavior nodes
throughput on the whole network is recorded at 1,390,698 bit/sec, we also observe the
throughput during the end of simulation with misbehavior node is reducing to 1,390,239
bits/sec. We can conclude the throughput of the whole network will reduce more if the during
of simulation time extend to more than 300 seconds. Additionally misbehavior nodes are
compared with normal network traffic where the usage of wireless medium is increased at
substantial level.
Figure 5.29
5.5.2 Delay
The delay in Figure 5.30 show the normal traffic delay and misbehavior traffic delay. By
observing the graph the network misbehavior delay started at almost the same time as with
normal traffic however the delay occurred at co-ordinates 12 x-axis where it can be examine
clearly. Whereas the normal network delay at 12 x-axis and further got to at y-axis 22. On the
other hand the misbehavior nodes y-axis ends at 25 y-axis. From here to till end of the
simulation run time the delay is getting increased. The delay has increased systematically to
higher level by introduction of misbehavior nodes on the network. The reason for this
situation is as all nodes using the same routing protocol but due to different characteristics of
misbehavior nodes act as maliciously therefore some intermediates nodes in the network
follows the selected nodes to forwarding of packets.

Page
60
Figure 5.30
5.5.3 Packet delivery ratio (PDR)

The Figure 5.31 shows the total traffic received and total traffic sent with and without
misbehavior nodes on the network. This process is also know is packet delivery ratio, where
the total traffic sent and total traffic received packet are measure in terms of performance
because it has a relation to real delivered packet at source node and received node packets at
the destination. By examine the graph we observed the rate of traffic received with having
misbehavior nodes on the network is steadily decreased. Whereas the normal traffic received
co-ordinates showed the received rate at 900,000 bits/sec as passage of time of simulation
process the traffic received slightly decrease and end at 600,000 bits/sec. The reason behind
this is because of MANETs nodes exchange the routing table to other nodes and few packets
are dropped or discarded. Compare to misbehavior nodes the traffic received gap is 200,000
bits/sec. As misbehavior nodes do not forward packet to other nodes and drop packet
increased and whole network lead to dead lock in term of performance.

Page
61
Figure 5.31
The traffic sent on normal network is noted as 2,000,000 bits/sec where as the network with
misbehavior nodes are 1,827,631. We can conclude that the traffic sent to network is
decreased by introducing the misbehavior nodes. As misbehavior nodes does not participate
to perform it basic task for the fulfilment of the requirement of network in good means. These
activities lead network to congestion and decrease it performance.
5.5.4 Network Load

The Figure 5.32 represents the network load on the network with normal traffic and with
misbehavior traffic. There is a difference between normal network and misbehavior nodes on
network.

Page
62
Figure 5.32
5.6 Scenario 5
Comparison of Geographical Routing Protocol (GRP) under Misbehavior nodes
In scenario 5, network traffic is generated on Geographical Routing Protocol with normal

nodes and later introducing with misbehavior nodes. All the simulation result are capture and
are compared, following are the result capture with normal and with misbehavior nodes.
Figure 5.33 Normal traffic response Figure 5.34 Misbehavior Nodes traffic response

Page
63
Figure 5.35 GRP traffic response Figure 5.36 GRP traffic under Misbehavior nodes
Evaluation
5.6.1 Throughput
To determine the network performance we first look at the throughput of the whole network
with comparison of misbehavior nodes as shown in Figure 5.37. The run time of the
simulation is set as 300 seconds. The normal network throughput is noted as 3,500,000
bits/sec at constant rate on x-axis. Introducing the misbehavior nodes affectively reduce the
throughput of the network performance at constant rate of 1,500,000 bit/sec. This showed a
poor performance of network traffic. The three misbehavior nodes had decreased the
throughput of the whole network by not forwarding packets to other nodes and keep dropping
the packet randomly. This concludes the performance of misbehavior nodes have poor affect
on the network traffic. It also concludes the reliability of the node is essential in terms of
security.

Page
64
Figure 5.37
5.6.2 Delay
The delay parameters show the misbehavior nodes activities on the whole network in Figure
5.38. The delay has increased compared with normal network traffic. The reason of increase
delay is misbehavior nodes does not cooperate with other nodes on the network. Misbehavior
nodes only forward packet when they want too. Compare to normal network traffic a constant
rate is noted on x-axis throughout the simulation time. However the misbehavior nodes delay
is notice up and down due to the malicious activity on the network. It also show the packet
delay time is increased to reach the packet at destination node.
Figure 5.38

Page
65
5.6.3 Network Load
The network load of the normal network noted as 3,500,000 bits/sec at duration time of
simulation 300 seconds in Figure 5.39. Network load shows the total load on the MANET’s
node on the whole network in terms of bandwidth usage. Later implementing the three
misbehavior nodes simulation result showed the whole network load is increased due to
vulnerable activities of misbehavior nodes on the network. The network load reduces to
1,500,000 bits/sec. It has concluded that the misbehavior nodes failed the network
performance in every aspect.
Figure 5.39

The Packet Delivery Ratio is compared to examine the network performance with vulnerable
activities in contrast with normal network performance in Figure 5.40 & Figure 5.41. The
average MANET traffic sent on the wireless medium is 1,800,000 bits/sec (1.8 Megabits)
with no vulnerable activities on the network and the received traffic on normal MANET’s
node is 400,000 bit/sec 0.4 (Megabits) at the start of the simulation but it has slightly
increased and reached up to 600,000 bits/sec (0.6 Megabits) at the end of the simulation
result. On the other hand nodes with vulnerable activities are implemented the total average
of traffic received is noted 1,522,600 bit/sec(1.5 Megabits), compare to normal network

Page
66
traffic receiving packet it has decrease due to malicious nodes does not work together with
normal network nodes. The average sent traffic is noted with malicious node on the network
at below 2,000,000 bits/sec (2 Megabits). This clearly shows malicious node are misbehavior
on the network. They are not performing their duties, they are missing the packet and not
forwarding the require packet to other nodes on the network.
Figure 5.40 Normal MANET Traffic sent/received Figure 5.41 MANET Traffic sent/received
under Misbehavior nodes
5.7 Scenario 6
Comparison of Ad-Hoc On-Demand Routing (AODV) under Misbehavior nodes
Scenario 6 is design to examine the on AODV routing protocol under misbehavior nodes.
The simulation run time is set as 300 seconds all results of the simulation are captured and
are as fallow.

Page
67
Figure 5.42 Normal network traffic Figure 5.43 Under Misbehavior Nodes traffic
Figure 5.44 AODV normal traffic Figure 5.45 AODV Misbehavior Nodes traffic
Evaluation
5.7.1 Throughput
The throughput of the whole network with normal nodes and with misbehavior nodes is
simulated and results are captured in Figure 5.46. The result shows significant changes on
throughput of the network with misbehavior nodes. By examine the result we observe the
misbehavior nodes throughput started at the same time, when normal network nodes start.

Page
68
However later at 1 minute and 20 seconds time the misbehavior node throughput decline up
until at 3 minutes the throughput of normal network nodes and with misbehavior nodes on
network get equals. Form ahead of 3 minutes the misbehavior nodes throughput is increased
compare to normal network, the throughput for normal network end of the simulation is
recorded as 5,000,000 bits/sec (5 Megabits) whereas misbehavior nodes throughput is higher
5,400,000 bits/sec (5.4 Megabits). The reason of this increase throughput with misbehavior
nodes on the network could be, first misbehavior nodes start dropping the packet and not
forwarding the packets for other nodes on network, later misbehavior nodes start sending the
packets and forwarding packets faster than normal node in result normal nodes are not able to
process the packet and they overlooked the packets.
Figure 5.46
5.7.2 Network Load

The network load with misbehavior node is increased compared to normal network. The
reason as explain earlier nodes doing vulnerable activities forwarding packet and sending
packet more faster than normal node lead network to congestion and the performance to
network is affected as shown in Figure 5.47

Page
69
Figure 5.47

The packet delivery ratio results are analysing in terms of MANET traffic received bits/sec
and MANET traffic sent bits/sec in Figure 5.48 and Figure 5.49. First we examine the
MANET traffic sent bits/sec. The average traffic sent with normal network noted as
15,000,000 bit/sec co-ordination on x-axis. The starting time of the simulation was set at 5
sec, on initial start the normal traffic reached rapidly on y-axis at constant rate. When normal
traffic is measured in response of malicious traffic with introducing misbehavior nodes the
traffic sent is decrease heavily. The traffic with misbehavior nodes noted as 13,000,000
bits/sec during the simulation time was set as 300 seconds. The misbehavior nodes
highlighted the nodes are acting maliciously and are not doing well in terms of cooperation
with other nodes. Secondly, the MANET traffic received is noted, the average result of traffic
received is recorded as 1,400,000 bits/sec, however MANET traffic received go up and down
during the simulation the maximum average time of received packet is noted 2,800,000
bits/sec, later slightly decrease occurred and it start going down. The possible reason of this
up and down rate of MANET traffic received is due to starting of the network nodes
exchange the routing discovery, route request, and routing table among each other. When
introducing the misbehavior nodes on the network the MANET traffic received is recorded
lower than the normal network traffic. The average time of traffic received is 1,400,000. Thus
the normal traffic received and the malicious traffic received is totally equal. However the
start time with malicious nodes compare with normal nodes showed a difference of packet

Page
70
receiving. The maximum traffic received with misbehavior nodes is 2,400,000 bits/sec it’s
declining as simulation run. This conclude, the traffic with malicious nodes on normal
network degrade the performance of network.
Figure 5.48 AODV traffic sent with and without Misbehavior nodes Figure 5.49 AODV
traffic received with and without Misbehavior nodes.
5.8 Analysis
The simulation results present the performance of OLSR routing protocol under intelligent
pulse jammer attack. The comparison results taken in terms of throughput, packet delivery
ratio, network load, and delay are measured under intelligent pulse jammer attack, As the
pulse jammer attack model is already explained in chapter No 4. The capture results are
compared with OLSR routing protocol under jammer attack. The throughput of the whole
normal network with OLSR routing protocol is noted as 1,400,000 bits/sec (1.4 Megabits),
the reason of that low throughput is because of the heavy applications are used on the each
single MANET nodes i.e., FTP use TCP protocol, EMAIL use TCP protocol where as TCP
uses three way handshake which consume a lot of network bandwidth. The comparison
against the intelligent pulse jammer the throughput of the entire network with under pulse
jammer attack is recorded as 1,220,000 bits/sec (1.22 Megabits). The packet delivery ratio of
MANET traffic sent with normal network and with pulse jammer network is recorded as
1,891,000 bits/sec (1.8 Megabits) duration of 300 seconds. Meanwhile the normal MANET
traffic receiving rate is 600,000 bits/sec (600 kilobytes) where as with intelligent pulse
jammer introduction the MANET traffic received rate is 450,000 bits/sec (56.25 kilobytes).
The network load for OLSR network is 1,400,000 (1.4 Megabits) and with pulse jammer

Page
71
attack the network load is decreased is 1,200,000 (1.2 Megabits). Here the whole throughput
of normal network and the whole throughput of network with pulse jammer attack get equal
to the network load. On the other side there is no considerable increased or decreased in
OLSR routing total hello sent packets because the OLSR routing broadcast for the request of
route to every node and will start the packet transmission once finding the route. It has also
observed TC hello messages increased due to jammer attack.
Simulation results for GRP protocol was examine under intelligent pulse jammer attack. The
results were compared in terms of security considerations as explained earlier. The whole
throughput of GRP nodes on normal network is capture as 3,400,000 bits/sec (3.4 Megabits),
network load of the GRP nodes is 3,500,000 bits/sec (3.5 Megabits), with the implementation
of intelligent pulse jammer attack the throughput and the network load with attack reduce to
1,000,000 bits/sec (1.0 Megabits), 1,000,000 (1.0 Megabits). We found the delay has
increased when jammer generate raw packet on the wireless radio frequency, the GRP routing
traffic sent is reduce due to jammer attack as every node in network maintain the routing
table at certain interval of time. GRP packet delivery ratio decreased of packet when jammer
nodes vulnerable the network by its malicious activities.
Simulation results of AODV examine under intelligent pulse jammer attack. The results are
compared in term of normal traffic parameters and with pulse jammer traffic parameters,
throughput, network load, delay and packet delivery ratio is observed to analyse the results.
The throughput with normal nodes is recorded as 5,000,000 (5 Megabits), whereas by
introducing the intelligent pulse jammer nodes the throughput of entire network is recorded
as 4,500,000 (4.5 Megabits), The AODV routing protocol on MANET’s nodes showed the
decreased in delay, packet delivery ratio of received traffic under pulse jammer attack is
decreased and for the sent traffic is almost equal to normal traffic of nodes when pulse
jammer is implemented, the reason behind this could be the jammer is sending/generating
packet of the wireless medium at same time compare with the normal network with AODV
routing table etc, route discovery, route request etc. Hence jammer and routing table working
at same time of interval. However the packet lost is compared lower in AODV under pulse
jammer attack compare to other routing protocol.
Simulation results examined for the performance of OLSR routing protocol under
misbehavior nodes. The result showed large number of packets dropping placed from
misbehavior nodes. The process of OLSR forwarding packet MPR lower than normal
network as nodes with misbehavior capabilities does not cooperate on the network nodes. The
throughput of OLSR under misbehavior node is 1,400,000 bits/sec (1.4 Megabits) where as

Page
72
the network load is noted as same as throughput under misbehavior nodes. The packet
delivery ratio of MANET sent traffic with normal network nodes is 1,900,000 bits/sec (1.9
Megabits) compare to misbehavior nodes the sent traffic is 1,800,000 bits/sec (1.8 Megabits).
The received traffic MANET’s node is recorded first with normal network nodes 600,000
(75000 Kilobits) bits/sec compare with misbehavior nodes is 500,000 bits/sec (500 Kilobits).
The retransmission attempt under misbehavior nodes is lower than the normal network. This
concludes the malicious nodes on network are not interested to retransmit the transmission of
network in order to participate in network throughput. The result showed the overall packets
dropping occurred under misbehavior attack. OLSR routing table being dropped and not
forwarded to other nodes in order to route maintain and route discovery phases.
Simulation results for GRP under misbehavior nodes are examined. The throughput of the
whole network under misbehavior nodes is 1,314,594 bits/sec (1.31 Megabits) where the
original throughput of entire network is 3,400,000 bits/sec (3.4 Megabits) as it can observe
the throughput of the network under misbehavior node has decreased dynamically and only
1.31 Megabits is available to whole network. The network load of the network under
misbehavior node 1,400,000 bits/sec (1.4 Megabits) compare to normal network load
3,500,000 bits/sec (3.5 Megabits) is recorded, delay has increased during the misbehavior
nodes as malicious node dropping the packet before forwarding it to other nodes on the
network therefore any packet on network reach to its destination is dropped or reached late.
The packet delivery ratio is compared against the normal network with misbehavior nodes,
the normal MANET traffic received 1,600,000 bits/sec (1.6 Megabits), whereas with
misbehavior nodes (600 Kilobits), the MANET traffic sent with normal nodes is 1,450
bits/sec (1.45 Kilobits), compare to misbehavior node is 900 bits/sec (0.9 Kilobits). In GRP
routing the total number of backtracks are higher with malicious nodes compare with normal
nodes on the network. The GRP routing protocol is badly affected when malicious nodes
does not pass the routing route to other node to network to find the route.
The result of AODV routing protocol under misbehavior nodes examined, the packet delivery
ratio of traffic sent is recorded as 15,000,000 bits/sec later introducing the misbehaivor nodes
the MANET traffic sent is decreased to 13,686,074 bits/sec. looking at the traffic received of
normal node 2,800,000 bits/sec with misbehavior nodes decrease to 2,400,000 bits/sec.
Similarly, the throughput of the network is decreased under misbehavior nodes, so network
load as well.

Page
73
OLSR Routing Protocol Comparison with Pulse Jammer and Misbehavior nodes
Attack
Performance Throughput Network load Packet Deliver Delay (sec)

Metric bits/sec bits/sec Ratio
Sent/Received
bits/sec
OLSR 1,500,000 bits/sec 1,300,000 1,900,000 bits/sec 22 sec

Normal bits/sec
650,000 bits/sec
network
OLSR pulse 1,200,000 bits/sec 1,100,000 1,800,000 bits/sec 26 sec

Jammer bits/sec
450,000 bits/sec
attack
OLSR 1,400,000 bits/sec 1,200,000 1,827,631 bits/sec 25.4 sec

Misbehavior
550,000
nodes
GRP Routing Protocol Comparison with Pulse Jammer and Misbehavior nodes Attack
Performance Throughput Network load Packet Deliver Delay (sec)

Metric bits/sec bits/sec Ratio
Sent/Received
bits/sec
GRP Normal 3,400,000 3,500,000 bits/sec 15,244,019 bits/sec 8.5 sec

Network bits/sec
1,600,000 bits/sec
GRP Pulse 1,000,000 1,000,000 bits/sec 1,900,000 bits/sec 29 sec

Jammer Attack bits/sec
360,000 bits/sec
GRP 1,300,000 1,400,000 bits/sec 1,800,000 bits/sec 23 sec

Misbehavior bits/sec
580,000 bits/sec
Nodes
AODV Routing Protocol Comparison with Pulse Jammer and Misbehavior nodes
Attack

Page
74
Performance Throughput Network load Packet Deliver Ratio Delay (sec)
Metric bits/sec bits/sec Sent/Received
bits/sec
AODV Normal 5,000,000 2,000,000 15,000,000 bits/sec 15.3 sec

Network bits/sec bits/sec
1,400,000 bits/sec
AODV Pulse 4,800,000 2,200,000 15,257,000 bits/sec 18.2 sec

Jammer Attack bits/sec bits/sec
1,400,000 bits/sec
AODV 5,500,000 2,200,000 13,686,047 bits/sec 14 sec

Misbehavior bits/sec bits/sec
1,387,520 bits/sec
Nodes
CHAPTER NO.6
6.1 Conclusion
In this thesis the simulation study of our work consist of three routing protocol OLSR,
AODV and GRP set up over MANET using medium FTP, medium E-Mail and low Database
traffic analyzing their actions with respect to performance parameters, throughput, network

Page
75
load, and delay. The aim was to look at the performance under intelligent pulse jammer
attack and under misbehavior nodes.
Normal traffic is compared with different routing protocols, with pulse jammer attack and
misbehavior nodes in terms of performance i.e. throughput, packet delivery ratio, delay,
retransmission attempts. We showed several security breaches under pulse jammer attack and
misbehavior nodes attack models using OPNET.
Misbehavior nodes model attack showed the network affecting in several different security
aspects, it not only degrading the performance of the entire network but also reflect the
security measures like availability, authentication, confidentiality, integrity and non-
repudiation. Intelligent pulse jammer model showed the network degrading performance by
generating noise on the radio frequency hence the jammer highlighted the security aspect and
damaging the throughput and made more complicated for nodes to communicate on wireless
radio frequency. Several parameters affected in term of security under jammer attack.
6.2 Findings
From this study we can conclude the protocols we chosen to implement on our network, is no
single one having overall better performance under malicious activities i.e. Pulse Jammer
attack and Misbehavior nodes. One Ad Hoc protocol may be better in term of routing whilst
others may be better in term of throughput, packet delivery ratio, and delay.
In our study we analysed Intelligent Pulse Jammer attack and Misbehavior nodes attack with
six different scenario along with performance metrics. We analysed the vulnerability of
OLSR, GRP and AODV. Factor considered the performance of the routing protocols under
Jammer and misbehavior attacks, OLSR has the worst performance compared with other two
routing protocols AODV and GRP, in terms of throughput, network load and delay.
One can almost be certain that AODV routing protocol performed better opposite to OLSR
and GRP, its throughput, network load and delay is much better than the other routing
protocols. AODV performed well under jammer attack and under misbehavior nodes attack.
Based on the research we carry out and analysis of the simulation results in OPNET Modeler
14.5, we describe the conclusion that OLSR and GRP is more vulnerable under pulse jammer
attack and under misbehavior nodes attack.

Page
76
6.3 Future Work
Significant research on MANET has done so far and are most likely to grow more and get
huge presence in future communication infrastructure. As the use of MANET technology is
increase security becomes a concern as a large number of research paper showed MANET are
vulnerable when it come to security DoS attacks are launched against nodes easily.
If we get more time to work on MANET security we shall implement cryptography to

prevent MANET’s node from pulse jammer attack and from misbehaviour nodes attack for
better and secure the security of MANET’s nodes. Other than that if we get a time of six to
eight months we implement MANET security attack i.e. blackhole attack, wormhole attack,
byzantine attack we shall also look for the mechanism to prevent from these attack.

Page
77
7. References
1. H. Bakht, 2004. Understanding Mobile Ad hoc Network.
http://www.computingunplugged.com/issues/issue200406/00001301001.html
[Accessed Feb – April 2010]
2. Imrich Chlamtac, Marco Conti, Jennifer J. N. Liu, 2003. Mobile ad hoc networking:
imperatives and challenges.
http://www.scribd.com/doc/19471793/MobileAdHocNetworkingImperativesandChall
enges [Accessed Feb – April 2010]
3. B. Wu, J. Chen, J. Wu, M. Cardei, 2006. A Survey of Attacks and Countermeasures in

Mobile Ad Hoc Networks.
http://student.fau.edu/jchen8/web/papers/SurveyBookchapter.pdf [Accessed Feb –
April 2010]
4. Ashikur Rahman, Pawel Gburzynski, 2006. Hidden Problems with the Hidden Node
Problem. http://citeseerx.ist.psu.edu/viewdoc/download?
doi=10.1.1.61.365&rep=rep1&type=pdf. [Accessed Feb – April 2010]
5. Yihong Zhou, Dapeng Wu, Scott M. Nettles, 2004. Analyzing and Preventing MAC-
Layer Denial of Service Attacks for Stock 802.11 Systems.
http://www.arias.ece.vt.edu/publications/conferences/UKC06.pdf [Accessed Feb –
April 2010]
6. Cisco systems Networking

http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.pdf [Accessed Feb –
April 2010]
7. Hasnaa Moustafa and Houda Labiod, 2005. Source Routing-based Multicast Protocol
for Mobile Ad hoc Networks.
8. H. Yang, H. Luo, F. Ye, S. Lu, and L. Zhang, 2004. Security in Mobile Ad hoc
Networks: Challenges and Solutions, IEEE wireless Communication, Vol.11, Issue 1,
pp. 38-47.
http://netlab18.cis.nctu.edu.tw/html/AdHoc_Network/slides/Chapter3-1-Security
%20in%20Mobile%20Ad%20Hoc%20Networks.pdf [Accessed Feb – April 2010]

Page
78
9. Siddhartha Gupte, Mukesh Singhal, 2003. Secure routing in mobile wireless ad hoc
network, Deparment of computer science, university of Kentucky, Lexington, KY
40508. http://citeseerx.ist.psu.edu/viewdoc/download?
doi=10.1.1.117.1663&rep=rep1&type=pdf [Accessed Feb – April 2010]
10. Patroklos G. Argyroudis and Donal O Mahohy, 2005. Secure Routing For Mobile Ad
Hoc Networks, 2005. http://citeseerx.ist.psu.edu/viewdoc/download?
11. Dagmara Spiewak, Thomas Engel, and Volker Fusenig, 2007. Unmasking Threats in
Mobile Wireless Ad-Hoc Network Settings.
http://wiki.uni.lu/secan-lab/docs/Spiewak2007a.pdf [Accessed Feb – April 2010]
12. Houda Labiod, Mohamad Badra, 2007. New technologies, mobility and security,
springer.
13. Marianne Azer, Sherif El- Kassas, Magdy El-Soudani, 2009. A Full Image of the
wormhole attaks, towards Introducing Complex Wormhole Attacks in wireless ad hoc
networks.
14. Rashid Hafeez Khokhar, Md Asri Ngadi and Satria Mandala, 2008. A Review of
Current Routing Attacks in Mobile Ad Hoc networks.
http://eprints.utm.my/8213/1/NgadiMA2008_AReviewCurrentRoutingAttacksInMobi
leAd-hocNetworks.pdf [Accessed Feb – April 2010]
15. A. Rajaram, Dr. S. Palaniswami, 2010. The Trust-Based MAC-Layer Security

Protocol for Mobile Ad hoc Networks.
http://www.enggjournals.com/ijcse/doc/IJCSE10-02-02-51.pdf [Accessed Feb – April
2010]
16. N. Shanthi, Dr. Lganesan and Dr. K. Ramar, 2010. Study of Different attack on
multicast mobile ad hoc network.
17. Erdal Cayirci, Chunming Rong, page 116, 2009. Book Security in wireless Ad Hoc
and Sensor Network, John Wiley & Sons Ltd.

Page
79
18. Kamanshis and Md. Liakat, 2007, Security Threats in Mobile Ad hoc Network.
Master Thesis. Blekinge Institute of Technology.
19. C. Siva Ram Murthy and B. S. Manoj, 2004. Ad Hoc Wireless Network,
Architectures and Protocols, , chapter 9, page no 476.
20. Helena Szczerbicka, Kishor S. Trivedi and Pawan K. Choudhary, 2003. Discrete
Event Simulation with Application to Computer Communication Systems
Performances.
21. Jerry Banks, John S. Carson II, Barry L. Nelson, David M. Nicol, 2010. Discrete-
Event System Simulation, Fifth Edition, Chapter No 1, page no 16. Pearson.
22. Ricardo F. Garzia, Mario R. Garzia, 1990. Network Modeling, Simulation, and
Analysis, Chapter 1, page no 9, Dekker.
23. Luc Hogie, Pascal Bouvry, Frederic Guinand, 2006. An Overview of MANETs
Simulation, 2006. http://citeseerx.ist.psu.edu/viewdoc/download?
24. Gunnar Ronneberg and Olav Lysne, 2008. An OPNET-based Simulation Model of
SCI- nodes, University of Oslo. http://citeseerx.ist.psu.edu/viewdoc/download?
25. S.A. Razak, S. M. Furnell, P. J. Brooke, 2003. Attacks against Mobile Ad Hoc
Networks Routing Protocols, university of Plymouth.
https://www.scm.tees.ac.uk/p.j.brooke/b/Razak+04a.pdf [Accessed Feb – April 2010]
26. Ola Mohamad, Rosilah Hassan, Ahmed Patel, Rozilawati Razali, 2010. A Review of
Security Parameters in Mobile Ad-Hoc Networks.
http://www.ftsm.ukm.my/rosilah/files/OLA_ICICS.pdf [Accessed Feb – April 2010]
27. The Network Simulator –NS2, discrete event simulator targeted at networking.
Internet : http://www.isi.edu/nsnam/ns/ns-build.html
28. OPNET Technologies, Inc. “OPNET Modeler”, Internet :

http://www.opnet.com/solutions/network_rd/modeler.html
29. GloMoSim discrete simulation environment for wireless and wired network systems,
Internet http://pcl.cs.ucla.edu/projects/glomosim/

Page
80
30. QualNet Network Simulator, Internet : http://www.scalable-networks.com/
31. OMNeT++ open-source, component based simulation package for modeling

communication network. Internet http://www.omnetpp.org/
32. Mishra Amitabh, Nadkarni Ketan M., and Ilyas Mohammad, 2003.“Chapter 30:
Security in wireless ad-hoc networks, the handbook of Ad hoc wireless network”. ,
CRC PRESS Publisher.
33. Uyen Trang Nguyen and Xing Xiong, “Rate adaptive Multicast in Mobile Ad hoc
Networks”, IEEE International Conference on Ad hoc and Mobile Computing,
Networking and Communications, WiMob, Montreal, Canada, 2005
34. Sajjad Ali & Asad Ali, Performance Analysis of AODV, DSR and OLSR in MANET,
Department of Electrical Engineering with emphasis on Telecommunication Blekinge
Institute of Technology, Sweden 2009.
http://www.bth.se/fou/cuppsats.nsf/all/252aefb4936b9db3c12576b20053b8a5/$file/Pe
rformance%20Analysis%20of%20AODV,%20DSR%20and%20OLSR%20in
%20MANET.pdf [Accessed July – August 2010]

Page
81

OPNET - MODELER - MANET Attacks Thesis

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

OPNET - MODELER - MANET Attacks Thesis

Uploaded by

Copyright:

Available Formats

Mobile Ad hoc Network Security Issues

School of Computing, Engineering and Physical Sciences

University of Central Lancashire

For MSc Computer Networking

Name: Sheraz Salim Master Project CO4804

I always thank to ALL-MIGHTY ALLAH, who gave me power and courage to

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

Mobile Ad hoc Wireless Network

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

Figure 1.1 Mobile Ad hoc Network.[32]

 The wireless medium has no complete or no certainty visible limitations

 The wireless medium is defenceless from outside the channel signals.

 The wireless medium is considerably less undependable then wired media

 The phenomena of hidden terminal and exposed terminal may occur

Name: Sheraz Salim Master Project CO4804

1.3 Project Structure

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

2.2 Data Link Layer Attacks

Name: Sheraz Salim Master Project CO4804

IEEE 802.11 attack

Virtual Jamming attack 802.11

Name: Sheraz Salim Master Project CO4804

Figure 3.1 Virtual Jamming attack 802.11

2.2.3 Traffic Monitoring and Analysis Attack

Single adversary attack (SAA)

Colluding adversaries attack (CAA)

Name: Sheraz Salim Master Project CO4804

2.3 Network Layer Attack

2.3.1 Routing Protocol

Name: Sheraz Salim Master Project CO4804

Proactive (Table Driven Routing Protocols)

• Topology Dissemination Based on Reverse Path Forwarding (TBRPF)

Reactive (On- Demand Routing Protocols)

The examples of different varieties of proactive protocols are given below:

• Dynamic Source Routing Protocol (DSR)

Name: Sheraz Salim Master Project CO4804

Other Routing Protocol

• Hazy Sighted Link State HSR

Comparison of Proactive, Reactive and Hybrid Routing

Proactive Rapid establishment of Convergence time is slow,

Reactive Obtain the required path Routes are not up-to-date,

Hybrid Up-to-data routing Required more resources for

Name: Sheraz Salim Master Project CO4804

Table 4.Comparison of Routing Protocols [7]

Attack on Network Layer

Figure 2.1 MANET malicious node access attack on network

Name: Sheraz Salim Master Project CO4804

Routing table overflow attack

Routing table poisoning attack

Route cache poisoning attack

Name: Sheraz Salim Master Project CO4804

Packet forwarding attacks or Advance attacks

Black hole attack

Classification of wormhole attack

• Wormhole using Encapsulation

Name: Sheraz Salim Master Project CO4804

Wormhole using Encapsulation

Throughput=Number of delivered packetPacket size8/Total duration of simulation