JOURNAL OF TELECOMMUNICATIONS, VOLUME 36, ISSUE 1, FEBRUARY 2017

Blackhole Attack Effect Elimination in VANET Networks

Using IDS-AODV, RAODV and AntNet Algorithm
Rand S. Majeed and Mohammed A. Abdala

Abstract In vehicular ad-hoc networks, security is one of the most challenging problem. This is because of the nature of the network
that has high speed, mobility and large amount of network entities, so the controlling of network becomes more difficult and may lead the
network to be vulnerable to the security attacks that affect its performance. One of these attacks is the black hole attack, which is a network
routing attack that takes advantage of the route discovery procedure of routing protocol, to show itself as having the shortest path to the des-
tination node or to the node that wants to take its packets. In this paper, AODV was chosen to be the routing protocol to transmit traffic mes-
sages between vehicle nodes. There are several number of mechanisms to improve the security of AODV routing protocol against blackhole
attack. Three classifications of scenarios were implemented in this paper using NS2 simulator (for network simulation) with SUMO simulator
(for traffic network simulation) include: scenarios without attack's effect, the scenarios under black hole effect, and scenarios with implement-
ing suitable solutions. IDS-AODV, RAODV which are modifications of AODV and AntNet algorithm were used to eliminate the effect of black-
hole attack with single and multiple attackers effect. The results of total number of dropped packets was obtained, analyzed, compared, and
shows an improvement of AODV routing protocol performance.

Index Terms SUMO; NS2; AODV; RAODV; IDS-AODV; AntNet.

1 INTRODUCTION
VANET networks are one of the modern wireless net-
work classes. They are known as one of ad-hoc net-
works that enable real-life applications such as com-
munication between nearby vehicles or between vehi-
cles and road side equipments [1]. Vehicular networks
system domain can be divided into: the mobile domain,
the infrastructure domain, and the generic domain.
There are three types of communications in VANET
networks that allow vehicles to communicate with each
others or with nearby road side equipments which
include: Vehicle-to-Vehicle (V2V) communication, Ve-
hicle-to-Infrastructure (V2I) communication, and Vehi-
cle-to-Broadband (V2B) communication [2]. Fig. 1. VANET architecture [3].
C2C-CC is the proposal reference architecture for
VANET networks. It contains three domains: in-vehicle,
ad-hoc, and infrastructure domains. Fig. 1. illustrates 2 SECURITY IN VANET
this reference architecture. The in-vehicle domain re- In VANET, as the need for service discovery is in-
fers to the local network inside each vehicle which con- creased, drivers may generate security problems for
tains two types of units: an on-board unit (OBU) which themselves or for the other users in the network. The
is responsible for communication capabilities like (wired node conductance in VANET network is an important
or wireless), and one or more application units (AUs) issue because it may threaten the delivery of service
which has the responsibility of executing a single or a and security of communication. It may behave as self-
set of applications. The AU and OBU can be connected ish node by not allowing messages to forward to other
using wired or wireless connections. The ad-hoc do- nodes in the network, so there is a need for appropriate
main can be composed with roadside units (RSUs). An security architecture to ensure security communication
RSU can be connected to an infrastructure network and detect selfish nodes in vehicular network [1].
which can be connected to the Internet [1].
2.1 SECURITY REQUIREMENTS
In VANET networks, the message transmission model
depends on the type of services that is divided into: ITS
R. Majeed. is with the Department of Networks Engineering, College of safety services which deal with broadcast transmission
Information Engineering, Al-Nahrain University, Bagdad, Iraq.
Assis. Prof. Dr. M. Abdala. is with the Department of Networks Engineer-
and non-ITS services which deal with multicast and
ing, College of Information Engineering, Al-Nahrain University, Bagdad, unicast transmission models [1]. To ensure the security
Iraq. of transmission, number of security requirements
should be presented in VANET networks as the follow-
2
ing:
Availability: It includes that each node in
the network is capable to send messages
at any time [4].
Access Control: it is important to attach
every node in the network with fixed roles
and determines what each node can do in
the network and type of the messages that
can be generated by it [5].
Message Confidentiality: is used to ensure
that the message is read only by authorized
parties in communication group [5].
Authentication: it means that the message
generation should be done by legal user [6].
Privacy: the privacy of vehicle nodes should
be ensured against unauthorized nodes [6].
3 BLACKHOLE ATTACK
In this attack, the attacker node advertises itself as
having a shortest path to the node that want to take its
packets. So, it takes the advantages of route discovery
of routing protocol procedure. In this way, it always has
the ability in replying to the route request and thus in-
tercept the data packet. Blackhole attacks are classi-
fied into two categories [7]:
Single Blackhole Attack: only a single
node behaves as a malicious within a net-
work.
On Collaborative Black Hole Attack: mul-
tiple nodes behave as malicious nodes with-
in a network.
Blackhole attack has mostly affect proactive routing
protocols, and greatly affect AODV routing protocol.
After advertising itself as having a shortest path, it
takes the packets without forwarding them. Any node
wants to send data it will send firstly a Route Request
Message to all neighbors including black hole node.
The black hole node is the first node that reply the
sender node by sending the Route Reply quickly back
to that node. When the sender node receives the reply
message, it begins transmitting packets to the at-
tacker's node path. Then the packets will be dropped
after received by the attacker node [8]. Black hole at-
tack in AODV protocol can be performed in two ways
[9]:
Black hole caused by RREQ: the mali-
cious node sends a fake RREQ (Route Re-
quest) message to form blackhole node.
Black hole caused by RREP: The mali-
cious node may generate a RREP (Route
Reply) message to form Black hole.
4 PROPOSED SOLUTIONS
Three solutions were used to eliminate the effect of
blackhole attack in the case of single and multiple
blackhole attacks and improve security of AODV Rout-
ing protocol on the ad-hoc vehicular network. These
solutions are:
R-AODV (Reverse-AODV)
The proposed R-AODV protocol was used to
eliminate the effect of blackhole attack by dis-
covering routes using a reverse route discovery
procedure. The source and destination nodes
send the control messages in the same way dur-
ing the discovery procedure. The destination
node floods reverse request (R-RREQ), to find
source node after receiving RREQ message.
The source node starts transmitting packets af-
ter receiving (R-RREQ) message [10].
IDS-AODV (Intrusion Detection System-
AODV)
Intrusion Detection System can be defined as a
system software used for monitoring the events
occur in the network or the computer system
and analyzing the behaviors of malicious nodes
that deal with confidentiality, integrity and avail-
ability of a computer system [11].
Ming-Yang Su suppose a mechanism called Anti
Blackhole Mechanism (ABM) and an IDS
scheme to solve the problem of blackhole at-
tack. The IDS node in the beginning execute the
ABM function in sniffing mode. The value of the
dubious node can be evaluated by ABM be-
cause of the illegal difference among the routing
informations sent from this suspicious node. Af-
ter the normal node receives message sent from
the IDS node, the malicious node is added to the
block table. Then the normal node replies with
RREP to establish routing table. If the reply re-
ceived from the node listed in the block list, the
normal node drops this reply to prevent the at-
tacker node [12].
ACO (AntNet Colony Optimization) Algorithm
The AntNet Colony Optimization can be defined
as the algorithm of optimization family that is
based on the real ants behavior. the ants in this
algorithm explore the network to find the optimal
path, then update the routing tables, and estab-
lish the statistical model for traffic transmitted by
nodes in the network [13].
5 SIMULATION DESIGN
two simulators were used to simulate VANET network
by making the integration between them: SUMO (Simu-
lation of Urban Mobility) [14] version 0.25.0 as a traffic
 3

simulator was used to simulate real time vehicular sim-
ulation and NS2 (network simulation) [15] version 2.35
as a network
simulation to simulate VANET network with defining
suitable parameters as shown in Fig. 2.
three sets of scenarios were running, including:
First set of scenarios which includes running the
simulation of AODV routing protocol scenarios
with changing speeds and number of nodes to
see what happens to their performances.

Second set of scenarios includes running of

simulation of AODV routing protocol under the
effect of blackhole attack to see how it affects
the performance of AODV.

Third set of scenarios includes running

simulation scenarios with implementing so-
lutions for single and multiple blackhole at-
tacks then compare the results of them.

Fig. 2. Integration between SUMO and NS2.
6 RESULTS
In this paper, the total dropped packets matric was
measured to show the performance of VANET net-
work under the effect of blackhole attack and how it
improves with using the proposed solutions.

Table 1 shows the parameters used for the For single blackhole attack, RAODV solution was
simulation. AODV routing protocol was used, used to improve the performance of AODV routing
Wireless channel for wireless connection, sig- protocol as shown in figure 3.
nals were propagated using omni antenna,
number of nodes equals to (100), were posi-
tioned randomly over (2700 * 2700) meter area,
the simulation time was 600 seconds, and the
IEEE 802.11p VANET MAC protocol was used.

Table 1

Network simulation parameters.

Parameter Value

Type of channel Wireless channel

Type of antenna Omnidirectional Fig. 3. Total Dropped Packets for 100 nodes with RAODV
for single blackhole attack.
Propagation Model Two Ray Ground

Packet Length 512 Byte The AntNet and IDS-AODV solutions can be
used for single and multiple blackhole attacker
Traffic Type UDP nodes.
For single blackhole attack, figures 4 & 5
Simulation Time 600 sec shows how the performance of AODV routing
protocol in VANET can be improved using
Routing Protocols AODV
AntNet and IDS-AODV solutions.
Type of channel Wireless channel

No. of nodes 100

Speeds (kmph) 40,50,60,70

Simulation area (m) 2700*2700

4
Fig. 4. Total Dropped Packets for 100 nodes with AntNet for
single blackhole attack.
7 CONCLUSION
Fig. 5. Total Dropped Packets for 100 nodes with IDS-
AODV for single blackhole attack.
For multiple blackhole attacker nodes figures
6 & 7 shows how the performance of the
AODV routing protocol will improve using
AntNet and IDS-AODV soloutions to eliminate
the effect of the attacker nodes.
REFERENCES
[1]
Fig. 6. Total Dropped Packets for 100 nodes using AntNet
for multiple blackhole attacks.
Fig. 7. Total Dropped Packets for 100 using IDS-AODV for
multiple blackhole attacks.
The blackhole attack is one of the attacks that has a
high effect on the performance of AODV routing pro-
tocol. The number of dropped packet increases with
increasing the number of blackhole attacker nodes.
The RAODV is an efficient solution that improve the
performance of AODV under the effect of single
blackhole attacker node. It decreases the number of
loss packets because the RAODV eliminates the ef-
fect of blackhole attack by discovering routes using
reverse route request message.
IDS-AODV improves the performance of AODV rout-
ing protocol under the effect of blackhole attack by
detecting and preventing this node from hacking
packets and put it in the blocklist. However, it has a
drawback of having a high delay compared with Ant-
Net and RAODV solutions.
The performance of VANET network is affected by the
number of nodes and speed. In this paper it was seen
that with increasing the speeds, the number of total
dropped packets was increased because when the
speed of nodes increased, this may made the source
to be far from the destination and hence increases the
number of dropped packets.
AntNet algorithm has the least efficiency comparing
with IDS-AODV in case of multiple blackhole attack
because it deals with small number of nodes. When
the number of nodes increase, its efficiency in solving
attacks problems will be reduced.
Hassnaa Moustafa, Yan Zhang, vehicular networks
techniques, standards, and applications, Taylor & Francis
Group, LLC, US ,2009.
 5

[2] Wenshuang Liang, Zhuorong Li, Hongyang Zhang, Shenling

Wang, and Rongfang Bie, Vehicular Ad Hoc Networks:
Architectures, Research Issues, Methodologies, Challenges,
and Trends, International Journal of Distributed Sensor
Networks, 2015.
[3] Abdul Kalam Kunnel Aboobaker and Dr. Stephen Wolthusen
Performance analysis of Authentication Protocols in
Vehicular Ad Hoc Networks (VANET), Department of
Mathematics, Royal Holloway, University of London,
UK,2009.
[4] Maxim Raya and Jean-Pierre Hubaux, Securing vehicular
ad hoc networks, Journal of Computer Security, 2007.
[5] Al-Sakib Khan Pathan, security of self-organizing networks
MANET, WSN, VANET, Taylor & Francis Group, LLC, US
,2011.
[6] Parul Tyagi and Deepak Dembla, A Taxonomy of Security
Attacks and Issues in Vehicular Ad-Hoc Networks
(VANETs), International Journal of Computer Applications,
Vol. 91, No.7, April 2014.
[7] Nidhi Gupta, Sanjoy Das and Khushal Singh, A
Comprehensive Survey and Comparative Analysis of Black
Hole Attack in Mobile Ad-Hoc Network, International Journal
of Computer, Electrical, Automation, Control and Information
Engineering, Vol.8, No.1, 2014.
[8] Jaspal Kumar, Muralidhar Kulkarni, and Daya Gupta, Effect
of Black Hole Attack on MANET Routing Protocols,
Computer Network and Information Security, 2013.
[9] Sheenu Sharma and Roopam Gupta, Simulation Study of
Blackhole Attack in the Mobile Ad-hoc Networks,
International Conference on Network Applications, Protocols
and Services, Malaysia, 2008.
[10] Chonggun Kim, Elmurod Talipov, and Byoungchul Ahn, "A
Reverse AODV Routing Protocol in Ad Hoc Mobile
Networks, 2006.
[11] Shivani Sharma and Tanu Preet Singh, An Effective
Intrusion Detection System for Detection and Correction of
Gray Hole Attack in MANETs, International Journal of
Computer Applications, Vol. 68, No. 12, april-2013.
[12] Fan-Hsun Tseng, Li-Der Chou and Han-Chieh Chao, A
survey of black hole attacks in wireless mobile ad hoc
networks, Human-centric Computing and Information
Sciences, 2011.
[13] Shuchita Upadhyaya and Richa Setiya, "AntNet: Modified
Routing Algorithm for Packet Switched Networks, VOL. 2,
NO. 1, Jul-2009.
[14] http://www.dlr.de/ts/en/desktopdefault.aspx/tabid-
9883/16931_read-41000/
[15] http://www.isi.edu/nsnam/ns/