Professional Documents
Culture Documents
On
PREVENTION OF DOS AND BLACK HOLE ATTACK IN
AODV
For the award of the degree of
Master of Technology
Submitted by Supervised By
Sachin Gupta Mrs. Harsha Chawla
The cellular networks or mobile networks are a communication networks where the last
link is wireless. The networks to be distributed over land areas called cells, each served
by at least one fixed-location transceiver, known as a cell site or base station. The
wireless cellular systems are being used since 1980s. We have seen their evolutions such
as first, second and third generation's of cellular wireless systems. These systems work
with the support of a centralized supporting structure such as the access point. In ad-hoc
network wireless users can be connected with the wireless systems with help of these
access points, when they want to roam from one place to the other. The adaptability of
the wireless systems is limited by the presence of a fixed supporting coordinates. Its
mean that the technology cant work efficiently in the places where is no permanent
infrastructure. Such type the fast network deployment is not possible with the existing
introduced a fresh type of a wireless system that is frequently known mobile ad-hoc
networks.
The mobile ad-hoc networks control does not depends upon the permanent preexisting
infrastructure. The mobile ad-hoc networks offers quick and horizontal networks
deployment in certain conditions where it is not possible otherwise. The Ad-hoc word is
a Latin word meaning of that is "for this or for this only." Mobile ad-hoc networks are an
operates as an end system and a router for all other nodes in the network. The wireless
networks are a growing new technology that will allow users to access services and
can be classified into two types such as infrastructure networks and infrastructure less
networks. Infrastructure network consists of a network with fixed and wired gateways. A
mobile node or host interacts with a bridge in the network known as base station within
its communication radius. The mobile nodes are able to move geographically while these
are communicating with others. When mobile node goes out of the range of one base
station, it connects with other new base station and starts communication. This is known
The Mobile Ad-Hoc Network is a group of wireless mobile nodes in that nodes to be
of direct wireless transmission. The Ad-Hoc network does not need any types of
points, and can be quickly and inexpensively set up as needed. In other words we can
say MANET is an autonomous group of mobile users that communicate over the
reasonably slow wireless links. The network topology may vary rapidly and
unpredictably over time, because the nodes are mobile. The MANET is decentralized,
where all the networks activity, including discovering. The topologies and delivery of
the messages must be executed by the nodes themselves. Hence routing functionality
Figure 1.1 Example of a simple ad-hoc network with three participating nodes
The Mobile Ad-Hoc network is a collection of independent mobile nodes that can
communicate to each other via radio waves. The mobile nodes are able to directly
communicate to those nodes that are within the range of radio range of each other, and
node beyond the communication range need the help of intermediate nodes to route their
packets. These networks are fully distributed, and can work at any place without the help
of any infrastructure. This property makes these networks highly robust. In Figure 1.1
nodes A and C must discover the route through B in order to communicate. The circles
indicate the nominal range of each nodes radio transceiver. Node-A and Node-C are not
in the direct transmission range of each other, since Node-As circle does not cover the
Node-C .So if A want to send a data to C it is obvious to involve B to forward the data
from A to C. Here B acts as an intermediate node. Without node B A cannot send the
data to C.
mobile routers (and associated hosts) connected by wireless links the union of which
forms an arbitrary topologies. The participating nodes acts as a router are free to move
randomly and manage themselves arbitrarily. Thus the wireless network's topology may
Mobile Ad-hoc Networks is a collection of group of wireless mobile node, i.e wireless
devices. The wireless nodes are connecting dynamically and sharing the information.
Basically there are two types of mobile ad-hoc networks: Infrastructure based and
networks with fixed and wired gateways. The bridges for wireless networks are known
as base station [1].The personal computer make wireless node using the wireless LAN
card, the PDA (Personal Digital Assistants) or Smartphone, the laptop or wireless
devices.
Fig.1.1 is defining the mobile ad-hoc network and how to communicate one wireless
device to another wireless device. A wireless node can be tackle of any employs. The air
Due to the issue in an Ad-Hoc wireless network environment discussed so for the wired
network routing protocols cannot be used in Ad-Hoc wireless networks. Hence Ad-Hoc
wireless networks always require specialized routing protocols that address all those
challenges that are described above. The routing protocols for the Ad-Hoc wireless
It must be fully distributed as like centralized routing involves the high control
more fault-tolerant than centralized routing, which involves the risk of single
point of failure.
the nodes.
nodes. Each node in the network must have quick access to the route, that is,
It must be localized, as the global state maintenance involves a huge state of the
broadcasts made by each node. All transmissions should be reliable to the reduce
It must be covered to the optimal routes once the network topology becomes
Every node on the network should try to store the information regarding stable
traffic.
The Mobile Ad-Hoc Network nodes are furnished with wireless transmitters and
(broadcast), probably steerable, and combination thereof. At the given point in time,
depends on positions of nodes, their transmitter and receiver coverage patterns, the
connectivity in the form of a random Ad-Hoc network exists among the nodes. This
Dynamic topologies: In this nodes are free to move randomly, thus the network
topology that is typically multi-hop, may be changed randomly and rapidly at the
links.
Network may rely on power bank like a battery or other exhaustible means for
their energy. For all of these nodes the most important system design criteria is
communications are often more less than a radio's maximum transmission rate.
Limited physical security: The mobile wireless networks are normally much
prone to the physical securities threats than fixed-cable nets. The increased
approaches.
Energy constrained function: Because battery used in every mobile node have
certain restricted power supply, limited processing power, which in turn limits
services and applications supported by each and every node. It becomes a big
issue in MANET because, as each node is act as a router and an end system at
the same time, to forward packets from other node addition energy is required.
can easily move randomly, the network topology, which is normally multi-hop,
a router and forwards each others packets information to enable the sharing
Variation within a link and node capability of node: Each node ready with
Deployment cost is low: Ad hoc networks can be deploy on the fly, for this
reason no more costly infrastructure such as copper wires or data cables is not
required.
Fast and easy deployment: Ad hoc networks are very well-situated and simple
to deploy, since there are no cables involved. So the deployment time can be
reduced.
very easy to change the networks topology of a wireless mobile ad-hoc network.
MANET has different feasible application. Some of them include emergency search-
rescue operations, communication in the battlefield during moving vehicles and soldiers.
Sensor networks:
electronic
environmental conditions.
Tactical networks:
Military communication
Military operations
In the battlefields
calamities.
Policing.
Coverage extension:
Education:
Classrooms.
in a random manner. Links of the network vary timely and are based on the
automatically
wireless links
storage capacity.
number of nodes.
implemented.
1.2 Motivation
Mobile Ad-Hoc Networks are most usefully in current environments. Its required high
performance, networks load and Throughput. In Mobile Ad-hoc Networks Routing is the
hot topic for research. Basically two types routing protocols are work in the mobile Ad-
routing algorithm. Important work has been done on routing in ad hoc networks, some of
the important works so far were the destination-sequence distance vector (DSDV)
protocol, the temporally ordered routing protocol (TORA), dynamic source routing
protocol (DSR) and ad hoc on demand routing protocol (AODV). These algorithms use
Open Shortest Path First (OSPF) for find optimum route source to destination.
Malicious node is the main responsible for disturb the correct operation and reduce the
performance and throughput. Only malicious node is responsible for all possible attack
In Ad hoc network where node work as a mobile and changing their position
node.
number of nodes increase, Throughput will decrease and End-to End delayed
increases.
1.4 Goal
In Mobile ad hoc network Routing is primarily and most important concept for
communication in the network. The aim of routing is to find out and select the best route
between communicating node, when a communication take place between nodes in the
network intermediate node play a important role because when source node send route
request to destination node and destination node give reply of the route request to source
destination, then create a route reply and sends the route reply to the source node
The DSDV (Destination Sequenced Distance Vector Routing protocols), WRP (wireless
Routing protocol), OLSR (Optimized Link State Routing Protocol) is the Table driven
Routing protocols and AODV (Ad-hoc On-Demand Distance vector routing protocol),
DSR (Dynamic Source Routing protocol) are the On-Demand Routing Protocols.
It is also called Proactive Routing Protocols. The Proactive means it works or maintains
the routing information before the source node wants to send packet or information to
the destination. The Table Driven Routing protocols maintain the updated path from
each to every node available in the networks. In these protocols every node needs to
maintain the routing table for storing the routing information. When topology of network
gets any changes, then routing table also get updated and stores the fresh or up-to date
information.
The Destination sequence distance vector routing protocols (DSDV) is the Table Driven
algorithm is used for finding the optimum path or route in the network. The Fig1.3 (a) is
DSDV routes establish for mobile networks. In this network nodes are connected to each
other. Table 1.1 (b) here is defining the routing table for Node 1. Node 1, routing table
is storing the information of every node connected to the network. The routing table
consists of information like Destination from Node 1, Next hop, Distance between Node
8
2
6 7
1
2 2 1 22
3 2 2 37
4 2 2 41
5 2 4 50
6 2 3 99
7 2 4 121
8 2 5 109
In this protocol every node maintains a routing table that lists all current destinations.
The number of hops required reaching source node to destination node and sequence
route from new one and also to ignore the configuration loops. The node has frequently
broadcast their routing table to their immediate neighbors. Every node also broadcast its
routing table, if any change has occurred in its table from the last update.
In Fig 1.4 (a) and Table 1.2 (b) Node 7 is disconnected from Node 6 and established
connection with Node 8. So the routing table of Node 7 updated. Node 6 notices the
Table Driven routing table updates are of two types: Full dumps and Incremental
updates. If the routing table updating is full dump, then the whole routing table to be
sends to the neighbors node. It update incrementally, only position changed entries sent
from the routing table since the final update and fit in a packet.
4 5
3
8
2
6 7
1
7
2 2 1 22
3 2 2 37
4 2 2 41
5 2 4 50
6 2 3 99
7 2 4 121
8 2 5 109
When MANET network is stable, then incremental updates are sent to avoid over traffic.
If space in the update increments, then those entries whose sequence number has been
changed may be included. If two routes have the same sequence number then based on
the previous information or record, the shortest route will choose by the node and also
guess the settle time of routes. DSDV protocol reduces the Count to infinity problem and
similar to DSDV. The WRP protocols can hold the routing information about all
communicating nodes in the network. WRP protocol maintains the precise and up-to-
date information about the network. In each node four routing tables were maintained
namely Message Transmission List (MST) are maintained. Distance Table (DT), Link
The Distance Table (DT) consists of the destination node of distance and predecessor
information of destination is maintained by the Routing Table (RT). It also records the
hop number, shortest distance of path, from source to destination, predecessor &
successor node and flag. The flag indicates the status of the path. These are simple path
or a loop or the destination node not marked. Therefore this protocol avoids the problem
of counting-to-infinity. The Link Cost Table contains cost, hop number and periodic
updates. The broken link cost is denoted by (). The Message Transmission List (MSL)
contains retransmission of counter, the sequence Number, list of updates for updating of
the messages.
Update each message maintains the list of updates. Each and every transmission, the
counter value is decreased. The entry of each node is stored in Routing Table (RT). Each
node propagates the update messages within the network. If a node is not sending the
update messages, then it must send any other nodes message within the time for
then the new node entry must stored in the route table for avoiding the count-to-infinity
problem.
is also a pure link state routing protocol. Optimized Link State Routing (OSLR) hold
request message i.e. hello message and Topology Control (TC) Messages to search the
The protocol manages neighbour sensing, MPR selectors (Multipoint Relay) and MPR
information. Each node are using MPR selectors for selecting one-hop & two-hop
neighbours and also for periodically broadcasting the messages over the network. The
neighbour sensing hello messages contains list of the address of neighbours with
bi-directional link or two- hop neighbours. The neighbour node is selected on the basis
of MPR selectors. Each node selects its own set of Multi Point Relay. MPR information
The TC messages use the MPR selector table and sequence number to send their updates
throughout the network. The TC messages and routing tables were maintained by the
topology table. Each node maintains routing table. It consists of Destination address,
Next-hop-address and Distance for all known destination in the network. Routing paths
are calculated by the topology tables and recalculated after every updates in the network
gets message using topology control message. Therefore, entry exist in topology table
for the same destination with higher sequence number, then the TC message for same
destination with low sequence number is discarded and also the new entry is recorded
An on-Demand routing strategy creates and maintains path between source and
destination only when required and does not maintain a permanent routing entry in
Discovery of Route: When the source node, S wants to send a packet to the
destination node, it first checks its routing table to find the route to the
destination, if it is there, then the same route will use. Otherwise, it initiates
nodes changes their topology and hence the route maintenance must do.
(acknowledgement).
based on distance vector routing protocol. The routes were created only when needed for
In AODV [3], Ad-hoc means node move or connected or disconnected with the
networks any time, On Demand means when a source node, S wants to send data to the
destination, D, Distance means find the distance between source to destination in terms
of number of hope counts and Vector means list of information stored in the nodes
information list.
Every transmission using Source Address, Destination Address, Source ID, Destination
ID, Source Sequence Number, Time to Live (TTL) Destination Sequence Number.
These protocols use the Open Shortest Path First (OSPF) method/Algorithm. The
AODV algorithm uses some approaches for path or route establishment [13].
Route Request (RREQ): In Route Request source node broadcast/transmit the route
request message for specific destination neighbors node to pass the message to
destination
Route Reply (RREP): In Route Reply, destination uses the unicast route for reply
message to source. The neighbor nodes make next hop entry for destination and forward
the reply. If source receives multiple replies then it use the replies whose one with the
source node sends the broadcast packet with sequence number and destination sequence
Route Error (RERR): When a route error message is generated in the network then
there is a network link break between sources and destination. The AODV routing
protocols detects nodes if there is possible do the local repairing. When link break
occurred in optimum path then the neighbouring node to sent previous request for
RREQ
3 4
Source Destination
1 8
5 6
2 7
Fig 1.5 is a mobile wireless network. Node 1 (Source) to Node 8 (Destination Node)
flood the route request packets with a source sequence within the network. Node 1 send
1 8
Source 5 6 Destination
2 7
In Fig 1.6 Destination uses the unicast path for the route reply. Destination in the figure
defining the freshness of the route/path. In network source node counts the number of
hop to reach the destination and find the route with minimum number of hopes. Source
RERR
3 4
1 8
Source 5 6 Destination
2 7
route error (RERR) packet to its neighbors, which in reply propagates the RERR packet
towards the node whose routes may be affected due to the disconnected link. Then, the
affected source node can re-initiate a route discovery process if the route is still desired.
Neighbor node informs all other neighbors in the network that this link does not exist,
so dont send any packet on that link. In Fig 1.7 there is a link break between Node 4
and Node 8.So node 4 informs Node 3 that there is a link break so choose another
optimum path.
The AODV protocol does not require any such inner organizational
In AODV routes are established on the demand basis and that destination
sequence numbers are applied for finding the latest route to the
destination node.
The AODV protocols are loop free and avoid the count to infinity
problem.
source routes that it is aware of. The node update entry in the route cache and it learn
Route Discovery
Route Maintenance.
When source node wants to send information or packet to the destination, it searches in
the route cache to find out whether there is an existing route to destination, if it found
that unexpired path to the destination exists in route cache, and then it uses this
path/route to send the packet or information. But if node does not have any route then it
starts the route discovery process using broadcasting/transmitting a route request packet.
The route request packet has source address and also has unique identification number.
Every middle node checks whether it knows the route to destination. If it does not know,
then it stores address to the route record of the packet and pass the packet to its
neighbors.
A route reply message generated either the middle node or destination node with up to
date information about the destination after receiving the route request packet. A route
request packet reach at node already contains in the route record, the sequence of hops
are taken from the source to this node. The route request packet propagates through the
networks.
13
Route Reply
12
11 Path1: 1-2-3-7-9-13-15
9 Path2:1-5-4-12-15
8 Path3:1-6-10-11-14-15
10
4 7
5
3
6
2
1
Source ID
The route record is produced below as shown in Fig 1.8 if route reply is generated by the
destination node, after this it places a route record from the route request packet into the
route reply packet. If middle node generates route reply then it stores its cached route
and sends to destination with route record of route request packet and adds that into the
route reply packet sent by destination has a route to source. If it has route to the source
in its route cache then it will use that route. The reverse of route record use, if symmetric
links are supporting. If symmetric link are not supporting then the node can start route
discovery to source and can attach the route reply to this new route request.
Destination ID
Network Link
15
14 Select Path
13
Route Error
12
11 Broken Link
8 9
10
4 7
5
3
6
2
1
Source ID
The route reply packet individually sent by destination itself. The node responding to
route reply packet sent by destination has a route to source. If it has route to the source
links are supporting. If symmetric link are not supporting then the node can start route
discovery to source and can attach the route reply to this new route request. The DSR
routing protocols use two type of packets for route maintenance: Route Error and
Acknowledgements.
When a node encounter a deadly broadcast problem at data link layer then it generate
route error packet. When nodes receive the route error packet, it will remove the hop
from its route cache. All routes that contain the hop in error are reduced at that position.
Acknowledgement packets are used to verify the proper operation of the route link. Also
include the passive acknowledgment in which the next hop passing the packet next to
the route.
The Hybrid routing protocol is combination of the both such as reactive and proactive
Routing Protocols and also to decrease the latency caused by route discovery within
ZRP was planned to minimize the control overhead of the proactive routing protocols
and discovery in the reactive routing protocols and also decrease latency caused by the
route. The ZRP consists of several numbers of components, and these together
The IARP is the first component of ZRP. The IARP is used for the communication with
the interior node inside a zone. If a network topology change, node may get change
rapidly. it allow for only local route. IERP is a global reactive component of ZRP. It
uses the reactive approach to communicate with nodes outside the zone. It changes the
way a route discovery is handled. The route queries issued by IERP is when request for
the route issue. BRP is used to direct the route request initiated by a global reactive
Literature Survey is discussed in the chapter 2, this section is covered with various
In chapter 3 various attacks in AODV and Problem statement are discussed such as Dos
and Blackhole attack, malicious node and problem statement due to Denial of service
The chapter 5 and 6 consists of the experimental results and conclusion here defines the
discussed about the initials developed networks and after add malicious node for build
up the Denial of Service and Black Hole attacks. Provide the results both environments
in terms of End-to-End delay and Throughput. And Conclusion and future work of
thesis.
Channel: In this physical medium is divided into logical channel allowing possibly
shared uses of the medium. Channels are made by available subdividing the medium
Convergence: The process of approaching a state of the equilibrium in that all nodes in
the networks are agree on a consistent state about the topology using in the network.
Link: A communication facility or a medium over which nodes can communicate at the
link layer.
Loop free: Once a path has been taken by a packet never transits the same intermediate
Neighbor: The node within transmitter range of another node on the same channel.
particular destination.
node to another place such as destination node on the internetwork. At least one
information. In the routing normally two activities to be involved in this concept such
that first one is as determining optimal routing paths and second one is that transferring
of the packets through the network. The transferring of data packets on the network
metrics as a standard measurement for calculating a best path for routing the packets to
its destination on the network that could be number of hops, which are used by the
algorithm known as routing algorithm to determine the optimal path for the packet to its
destination. In path determination process a routing algorithm find out and maintain
routing tables that has routing information of the network on that data packet has to
transfer. The information of route in routing tables varies from one routing algorithm to
another. The routing tables to be filled with the entries such as IP-Address prefix and the
next hop. Destination/next hop associations of routing table tells the router that a desire
location can be reached optimally by sending the data packet to a router in the network
represents the next hop on its way to the find the destination and IP-Address prefix
specifies destinations for which the routing entry is valid. The routing protocol may be
classified into two types such as static routing protocol and dynamic routing protocol.
the router. Static routing maintains a routing table usually it is written by a networks
administrator. The routing table never depend upon the situation of the network status,
i.e., whether the destination node is active or not. Dynamic routing refers to the routing
routing protocol. Such type routing primarily depends on the situation state of the
network i.e., the routing table is affected by the activeness of the destination.
and decentralizes networks, where the state of the structure of the network changes
dynamically. This is mainly cause of the mobility of the nodes in the network; nodes in
the networks always try to utilize the same random access wireless channel of the
forwarding. The mobile nodes in the network only does not acts as a hosts, but also as
routers that route data to from the others nodes in network. In mobile ad-hoc networks
there is no need of pre existing infrastructure support as wireless networks, and since a
destination node might be out of range of a source node to transferring data packets; so
that there is need of a routing procedure. This is always ready to find a path so as to
forward the data packets appropriately between the source node and the destination
node. Within a cell, a base station can reach to all mobile nodes without using a routing
via broadcast in common scenario of the networks. In Ad-Hoc network each node must
be able to forward the data packets for other nodes. This always creates additional
changes problems along with the nature of dynamic topology which is unpredictable
connectivity changes.
i). Distributed operation: This is a property of Ad-Hoc routing protocol in this the
that controls the network. The dissimilarity is that the nodes in an Ad-Hoc network is
able to leave or enter in the network very easily because of mobility the network can be
partitioned.
ii). Loop free: The overall performance of the network can be improved with better
selection of the protocol. The routing protocol should be assurance that the routes
supplied are loop free and these avoid any misuse of the bandwidth or CPU
consumption.
iii). Demand based operation: To minimize the control overhead in the network it
should not misuse the network resources, protocol should be reactive in nature and
protocol should react only when it is needed and should not periodically broadcast
control information.
unidirectional links. Even not only the bi-directional links improves the routing protocol
it becomes more important to ensure the wanted behavior of the routing protocol we
have to need some sort of security issues. Authentication and encryption is a way of
delivery data packets and problem is that here within distributing the keys among the
vi). Power conservation: The nodes in the Ad-Hoc network may be the laptops and thin
clients such as PDA that are limited to the battery power and therefore uses some
standby mode to save the power. Therefore, it is very important that the routing protocol
vii). Multiple routes: To reduce the number of reactions in the topological changes and
congestion multiple routes can be used for data packet delivery. If one route becomes
invalid, it is possible that another stored route could be still valid and thus saving the
viii). Quality of Service Support: Some sort comings of Quality of service is necessary
to incorporate into the routing protocol. This helps us to find that what these networks
will be used for. It could be for instance real time traffic support.
chapter will discuss the various techniques and ways, proposed by different researchers
for preventing and avoiding different attacks and malicious nodes in AODV and
improve the packets delivery ratio in the network, end to end delay and throughput.
In this we will classify the field of attacks and counter measures and measure the
performance on the basis of different parameter like delivery ratio, end to end delay etc.
we will discuss the applicability of this field vividly in current network age with issues
ways, but most of these are done depending on routing strategy and network structure.
We can classify some routing protocols as a flat routing, hierarchical routing and
According to the routing strategy routing protocols can be classified as Table-driven and
source initiated.
Proactive Routing (table driven) protocols and second one is the reactive (on-demand)
routing protocols. There is one thing in general for both protocol classes is that every
node participating in routing play an equal role. Further they have been classified after
Proactive MANET protocols are also referred as table-driven routing protocols and will
actively determine the network layout. Through a regular exchange of topology of the
network packets between the nodes of the network, at every single node an absolute
scenario of the network is maintained. There is hence minimal delay in determining the
route to be taken.
When the routing information becomes worthless quickly its become important for the
time-critical traffic, there are many short-lived routes that can be determined and they
are not used before they turn invalid. The amount of traffic overhead generated when
evaluating these unnecessary routes is another drawback resulting from the increased
mobility. The portion of the total control traffic consists of actual practical data is further
decreased. Lastly, most of the routing information is considered redundant if the nodes
updating these unused entries in their routing tables as mentioned. In this situation
energy conservation is very important factor in the MANET system design. Therefore,
this excessive expenditure of energy is not desired in this case proactive protocols in
MANET works better. This protocol has low node mobility, where the nodes transmit
Portable notebooks nodes, palmtops or even mobile phones usually consist of wireless
Ad-Hoc networks. This portability also brings a significant issue of mobility. This is a
key issue in The Ad-Hoc Networks. Due to the mobility of the nodes the topology of
the network continuously changes. This is not a easy task to keeping track of this
topology, and too many resources may be consumed in signaling. These are based on
the design that there is no point on trying to have a scenario of the entire network
topology, since it constantly changes. Instead, whenever a node looks for a route to a
destination, it initiates route discovery process, for discovering out a pathway reactive
protocol try to set up routes on-demand. The basic purpose of routing protocol is to
establish such a route, whenever any node wants to communicate with another node and
it has no route. This kind of protocols is usually based on flooding of the message on
the network with RREQ and RREP messages. By the help of Route Request message
the route is discovered from source to target node and as well target node receives a
RREQ message it send RREP message for the confirmation for the route has been
Usually, it minimizes the number of hops for the selected path. However, on multi-rate
Both proactive and reactive routing protocols works better in the oppositely different
scenario and hybrid method uses both. It is used to find a balance between both
protocols are used for locating nodes that are outside the domains. Examples of hybrid
protocols are:
As the size of the wireless network increases produce too much overhead for the
MANET. In this circumstance a hierarchical solution may be preferable and these are:
1. Actual geographic coordinates (as obtained through GPS the Global Positioning
System).
searches for destinations. If the recent geographical coordinates are known then control
and data packets can be sent in the general direction of the destination. This trim downs
control overhead in the network. A disadvantage is that all nodes must have access to
their geographical coordinates all the time to make the geographical routing protocols
useful. The routing updates must be done faster in compare of the network mobility rate
to consider the location-based routing effective. This is because locations of nodes may
starting, multihop routing between participating mobile nodes wishing to establish and
maintain an ad hoc network. AODV allows mobile nodes to obtain routes quickly for
new destinations, and does not require nodes to maintain routes to destinations that are
not in active communication. AODV allows mobile nodes to respond to link breakages
and changes in network topology in a timely manner. The operation of AODV is loop-
free, and by avoiding the Bellman-Ford "counting to infinity" problem offers quick
convergence when the ad hoc network topology changes (typically, when a node moves
in the network). When links break, AODV causes the affected set of nodes to be notified
so that they are able to invalidate the routes using the lost link. One distinguishing
feature of AODV is its use of a destination sequence number for each route entry. The
destination sequence number is created by the destination to be included along with any
ensures loop freedom and is simple to program. Given the choice between two routes to
a destination, a requesting node is required to select the one with the greatest sequence
number.
Route Requests (RREQs), Route Replies (RREPs), and Route Errors (RERRs) are the
message types defined by AODV. These message types are received via UDP, and
normal IP header processing applies. So, for instance, the requesting node is expected to
use its IP address as the Originator IP address for the messages. For broadcast messages,
the IP limited broadcast address (255.255.255.255) is used. This means that such
messages are not blindly forwarded. However, AODV operation does require certain
network. The range of dissemination of such RREQs is indicated by the TTL in the IP
communication connection have valid routes to each other, AODV does not play any
role. When a route to a new destination is needed, the node broadcasts a RREQ to find a
route to the destination. A route can be determined when the RREQ reaches either the
destination itself, or an intermediate node with a 'fresh enough' route to the destination.
A 'fresh enough' route is a valid route entry for the destination whose associated
available by unicasting a RREP back to the origination of the RREQ. Each node
receiving the request caches a route back to the originator of the request, so that the
RREP can be unicast from the destination along a path to that originator, or likewise
from any intermediate node that is able to satisfy the request. Nodes monitor the link
status of next hops in active routes. When a link break in an active route is detected, a
RERR message is used to notify other nodes that the loss of that link has occurred. The
RERR message indicates those destinations (possibly subnets) which are no longer
reachable by way of the broken link. In order to enable this reporting mechanism, each
node keeps a "precursor list", containing the IP address for each its neighbors that are
likely to use it as a next hop towards each destination. The information in the precursor
lists is most easily acquired during the processing for generation of a RREP message,
which by definition has to be sent to a node in a precursor list If the RREP has a nonzero
prefix length, then the originator of the RREQ which solicited the RREP information is
included among the precursors for the subnet route (not specifically for the particular
destination). A RREQ may also be received for a multicast IP address. In this document,
full processing for such messages is not specified. For example, the originator of such a
RREQ for a multicast IP address may have to follow special rules. However, it is
important to enable correct multicast operation by intermediate nodes that are not
enabled as originating or destination nodes for IP multicast address, and likewise are not
equipped for any special multicast protocol processing. For such multicast-unaware
and it deals with route table management. Route table information must be kept even for
short-lived routes, such as are created to temporarily store reverse paths towards nodes
originating RREQs. AODV uses the following fields with each route table entry:
Destination IP Address
Other state and routing flags (e.g., valid, invalid, repairable, being repaired)
Network Interface
Next Hop
List of Precursors
Active route: It is a route towards a destination that has a routing table entry that is
marked as valid. Only active routes can be used to forward data packets.
same as "destination node". A node knows it is the destination node for a typical data
packet when its address appears in the appropriate field of the IP header. Routes for
destination nodes are supplied by action of the AODV protocol, which carries the IP
Forwarding node: It is a node that agrees to forward packets destined for another node,
by retransmitting them to a next hop that is closer to the unicast destination along a path
Forward route: It is a route set up to send data packets from a node originating a Route
Invalid route: It is a route that has expired, denoted by a state of invalid in the routing
table entry. An invalid route is used to store previously valid route information for an
extended period of time. An invalid route cannot be used to forward data packets, but it
can provide information useful for route repairs, and also for future RREQ messages.
processed and possibly retransmitted by other nodes in the ad hoc network. For instance,
the node initiating a Route Discovery process and broadcasting the RREQ message is
originator from the destination or from an intermediate node having a route to the
destination.
determine the freshness of the information contained from the originating node. [7]
2.7 Operations
Every route table entry at every node MUST include the latest information available
about the sequence number for the IP address of the destination node for which the route
table entry is maintained. This sequence number is called the "destination sequence
number". It is updated whenever a node receives new (i.e., not stale) information about
the sequence number from RREQ, RREP, or RERR messages that may be received
related to that destination. AODV depends on each node in the network to own and
maintain its destination sequence number to guarantee the loop-freedom of all routes
towards that node. A destination node increments its own sequence number in two
circumstances:
RREQ, it MUST update its own sequence number to the maximum of its current
sequence number and the destination sequence number in the RREQ packet.
When the destination increments its sequence number, it MUST do so by treating the
number rollover, if the sequence number has already been assigned to be the largest
when it is incremented it will then have a value of zero (0).On the other hand, if the
sequence number currently has the value 2147483647, which is the largest possible
positive integer if 2's complement arithmetic is in use with 32-bit integers, the next value
will be 2147483648, which is the most negative possible integer in the same numbering
AODV sequence numbers. This is in contrast to the manner in which the result of
In order to ascertain that information about a destination is not stale, the node compares
its current numerical value for the sequence number with that obtained from the
incoming AODV message. This comparison MUST be done using signed 32-bit
subtracting the currently stored sequence number from the value of the incoming
AODV message MUST be discarded, since that information is stale compared to the
The only other circumstance in which a node may change the destination sequence
number in one of its route table entries is in response to a lost or expired link to the next
hop towards that destination. The node determines which destinations use a particular
next hop by consulting its routing table. In this case, for each destination that uses the
next hop, the node increments the sequence number and marks the route as invalid.
Whenever any fresh enough (i.e., containing a sequence number at least equal to the
by a node that has marked that route table entry as invalid, the node SHOULD update its
route table information according to the information contained in the update. A node
may change the sequence number in the routing table entry of a destination only if:
and does not have one available. This can happen if the destination is previously
last known destination sequence number for this destination and is copied from the
known, the unknown sequence number flag MUST be set. The Originator Sequence
Number in the RREQ message is the node's own sequence number, which is
from the last RREQ ID used by the current node. Each node maintains only one RREQ
Before broadcasting the RREQ, the originating node buffers the RREQ ID and the
In this way, when the node receives the packet again from its neighbors, it will not
reprocess and re-forward the packet. An originating node often expects to have
for the originating node to have a route to the destination node; the destination must also
have a route back to the originating node. In order for this to happen as efficiently as
originating node SHOULD be accompanied by some action that notifies the destination
about a route back to the originating node. The originating node selects this mode of
A node SHOULD NOT originate more than RREQ_RATELIMIT RREQ messages per
second. After broadcasting a RREQ, a node waits for a RREP (or other control message
not received within NET_TRAVERSAL_TIME milliseconds, the node MAY try again
RREQ_RETRIES times at the maximum TTL value. Each new attempt MUST
increment and update the RREQ ID. For each attempt, the TTL field of the IP header is
set according to the mechanism, in order to enable control over how far the RREQ is
Data packets waiting for a route (i.e., waiting for a RREP after a RREQ has been sent)
discovery has been attempted RREQ_RETRIES times at the maximum TTL without
receiving any RREP, all data packets destined for the corresponding destination
SHOULD be dropped from the buffer and a Destination Unreachable message SHOULD
discovery for a single destination MUST utilize a binary exponential backoff. The first
milliseconds for the reception of a RREP. If a RREP is not received within that time, the
source node sends a new RREQ. When calculating the time to wait for the RREP after
sending the second RREQ, the source node MUST use a binary exponential backoff.
Hence, the waiting time for the RREP corresponding to the second RREQ is 2 *
period, another RREQ may be sent, up to RREQ_RETRIES additional attempts after the
first RREQ. For each additional attempt, the waiting time for the RREP is multiplied by
When a node receives a RREQ, it first creates or updates a route to the previous hop
without a valid sequence number then checks to determine whether it has received a
RREQ with the same Originator IP Address and RREQ ID within at least the last
discards the newly received RREQ. The rest of this subsection describes actions taken
First, it first increments the hop count value in the RREQ by one, to account for the new
hop through the intermediate node. Then the node searches for a reverse route to the
Originator IP Address , using longest-prefix matching. If need be, the route is created, or
updated using the Originator Sequence Number from the RREQ in its routing table. This
reverse route will be needed if the node receives a RREP back to the node that
originated the RREQ (identified by the Originator IP Address). When the reverse route
is created or updated, the following actions on the route are also carried out:
3. the next hop in the routing table becomes the node from which the RREQ
was received (it is obtained from the source IP address in the IP header
and is often not equal to the Originator IP Address field in the RREQ
message);
4. the hop count is copied from the Hop Count in the RREQ message;
Whenever a RREQ message is received, the Lifetime of the reverse route entry for the
where The current node can use the reverse route to forward data packets in the same
way as for any other route in the routing table. If a node does not generate a and if the
incoming IP header has TTL larger than 1, the node updates and broadcasts the RREQ to
address 255.255.255.255 on each of its configured interfaces To update the RREQ, the
TTL or hop limit field in the outgoing IP header is decreased by one, and the Hop Count
field in the RREQ message is incremented by one, to account for the new hop through
the intermediate node. Lastly ,the Destination Sequence number for the requested
destination is set to the maximum of the corresponding value received in the RREQ
message, and the destination sequence value currently maintained by the node for the
requested destination However, the forwarding node MUST NOT modify its maintained
value for the destination sequence number, even if the value received in the incoming
RREQ is larger than the value currently maintained by the forwarding node.
Otherwise, if a node does generate a RREP, then the node discards the RREQ. Notice
messages. In this situation, the destination does not learn of a route to the originating
node from the RREQ messages This could cause the destination to initiate a route
order that the destination learn of routes to the originating node, the originating node
SHOULD set the "gratuitous RREP" ('G') flag in the RREQ if for any reason the
destination is likely to need a route to the originating node. If, in response to a RREQ
with the 'G' flag set, an intermediate node returns a RREP, it MUST also unicast a
(ii) it has an active route to the destination, the destination sequence number in the
node's existing route table entry for the destination is valid and greater than or
signed 32-bit arithmetic), and the "destination only" ('D') flag is NOT set.
When generating a RREP message, a node copies the Destination IP Address and the
Originator Sequence Number from the RREQ message into the corresponding fields in
the RREP message. Processing is slightly different, depending on whether the node is
Once created, the RREP is unicast to the next hop toward the originator of the RREQ, as
indicated by the route table entry for that originator. As the RREP is forwarded back
towards the node which originated the RREQ message, the Hop Count field
isincremented by one at each hop. Thus, when the RREP reaches the originator, the Hop
Count represents the distance, in hops, of the destination from the originator.
node SHOULD only use hello messages if it is part of an active route. Every
If it has not, it MAY broadcast a RREP with TTL = 1, called a Hello message, with the
Hop Count 0
Lifetime ALLOWED_HELLO_LOSS *
HELLO_INTERVAL
If, within the past DELETE_PERIOD, it has received a Hello message from a neighbor,
and then for that neighbor does not receive any packets (Hello messages or otherwise)
node SHOULD assume that the link to this neighbor is currently lost. Whenever a node
receives a Hello message from a neighbor, the node SHOULD make sure that it has an
active route to the neighbor, and create one if necessary. If a route already exists, then
exists, MUST subsequently contain the latest Destination Sequence Number from the
Hello message. The current node can now begin using this route to forward data packets.
Routes that are created by hello messages and not used by any other active routes will
have empty precursor lists and would not trigger a RERR message if the neighbor moves
Each forwarding node SHOULD keep track of its continued connectivity to its active
next hops (i.e., which next hops or precursors have forwarded packets to or from the
Any suitable link layer notification, such as those provided by IEEE 802.11, can
next hop. For example, absence of a link layer ACK or failure to get a CTS after
used when the next hop is expected to forward the packet, by listening to the
channel for a transmission attempt made by the next hop. If transmission is not
destination (and thus is not supposed to forward the packet) one of the following
* Receiving any packet (including a Hello message) from the next hop.
* A RREQ unicast to the next hop, asking for a route to the next hop.
If a link to the next hop cannot be detected by any of these methods, the forwarding
node SHOULD assume that the link is lost, and take corrective action by following the
methods
multicast group
Only keeps track of next hop for a route instead of the entire route.
The main advantage of AODV protocol is that routes are established on demand and
destination sequence numbers are used to find the latest route to the destination. The
connection setup delay is less. The HELLO messages supporting the routes maintenance
are range-limited, so they do not cause unnecessary overhead in the network. One of the
disadvantages of this protocol is that intermediate nodes can lead to inconsistent routes if
the source sequence number is very old and the intermediate nodes have a higher but not
the latest destination sequence number, thereby having stale entries. Also multiple
control overhead. Another disadvantage of AODV is that the periodic beaconing leads to
unnecessary bandwidth.
this malicious node easily attack on physical link, as they can easily manipulated in ad-
hoc network. So Ad-hoc network are vulnerable to security problems than the wired
connecting and monitoring node. Node work in the nomadic and open
operational environment, by this intruder can easily attack and disrupt the
range of network. Node work in dynamic environment. Node can easily join
node..Due to hidden terminals and path break, it increases the error rate and
When attacker attack on the target node, Congestion in the network increase
due to requesting fake connection request causing its battery power lost [3].
network can offer high data rate in comparison of wireless medium. Thesis
requires the routing protocol in wireless networks to use the bandwidth always
Node acts as Router: - In MANETs node rely on their neighbors to route their
hope manners.
From the perspective of attackers routing protocol is more vulnerable. The fig.2.1 shows
the taxonomy for misusing AODV protocol. In this Vulnerability of AODV is basically
divided in packet drop, modify and forward, forge reply, active forge. Active forge is
divided in send fake route request and send fake route reply. In this dissertation misuse of
the RREP message and packet drop. AODV protocol is attacked in the following ways.
The attackers drop the packets and send a fake message for the receiver routing message.
Send Send
Fake Fake
RREQ RREP
Prime Product Number approach to solve the malicious node problem [1] by prevention
and removal. It proposed a scheme to mitigate the adverse effects of misbehaving node.
Key contribution of this approach is , it assume that each node in the network has a
specific prime number which belong to node unchanged identity. In this scheme
MANET organized in to number of cluster in such a way that at least one cluster is a
member of every node which is called cluster head. When destination node and
of prime number from destination node to source node and other information. If reply
information is right and prime product number is fully divisible then node is trustworthy
node otherwise call the removal process of the node.The main limitation of this
approach is that first give the prime number to every node in MANET, cannot check the
behavior of malicious node before assigned the prime number. if malicious node is
cluster head how can find out. It is slow process. End to end delay, through put and
3.2.2 Counter Algorithm approach for securing and preventing AODV routing
protocol
In this approach [13] source node without altering intermediate nodes and destination
between the sequence number of source node and destination node or intermediate node
who has sent back RREP or not, compare the destination sequence number with source
sequence number. If there is more difference between source and destination sequence
This method work only source node and destination node. No involvement of
intermediate node. It is basis on specific attack black hole. Only sequence number
In this approach [8] it measure the performance of AODV routing protocol in the
presence of malicious nodes evaluation has been considered as packet delivery ratio,
through put, data packet sent/received and control packet droop. In this no prevention
and avoidance technique used for malicious node. It only measures the performance of
AODV. No technique is used for improved the performance in through put, end to end
In this article [11], investigate the security issues in MANET. Author examine attacks
such as spoofing and colluding miserly attacks as well as counter measures against such
attacks in existing MANET protocol. In this approach gives solution for only specific
attack not all. No technique used for handling delivery ratio, end to end delay and
throughput.
In this approach [14] algorithm is discussed for prevention of flooding attack. Node
categorized as strangers and friends based on their relationships with their neighboring
nodes. For evaluation of its neighbor node trust level a trust estimator is used. End-to-
end delay packet delivery ratio is like a various parameter for trust level functioning
In this CORE mechanism approach [9] it is heighten watchdog for isolating and
various types of information on each entitys rate of collaboration is used for calculation
maliciously about other nodes, the collaboration technique itself is prevented denial of
service attack.
in of Service
routing
protocol
PPN YES Time consuming, Malicious Node Malicious node is not easily
head
performance of Throughput
in this environment
attacks
Neetu Singh Yes End to End delay Flood attack Optimize value of threshold
Detect and remove the
not measure, time Improve
malicioustheir
nodeperformance
consuming
scheme
AODV have four different messages that it uses for route discovery and route
Broadcast ID [32]
Reserved: Reserved for future use. Currently sent 0 and ignored on reception
Hop Count: Number of hops from the source IP address to the node handling the
request.
3.1 Introduction
Mobile Ad-hoc network is dynamic, nomadic and wireless medium, which makes cause
Denial of service attack is one of the most dangerous attacks. In this attack the malicious
node continuous broadcast or send the false control or data packet in the network due to
this kind of sending data or false packet network bandwidth is wasted largely and the
original packets are not able to reach their destinations. The target of dos attack is
power, network memory and bandwidth. When attack is successfully capturing the
network, the service will not be accessible. Sequence tiredness method and radio signal
network resources is the main aim of DOS attack. Malicious packet dropping is the class
packet and RREQ message[8].Today main network security concern is that how to stop
DOS attack for network resources accessibility with availability of ad-hoc network for
future use[9].
In below figure 3.1 when source node want to send data to destination node, first select
suitable path. In network any malicious node if present or enter its show their malicious
property and start flooding the large amount of data packet to source by this cause
congestion is increase over network and source node not able to send data to original
destination. In last malicious node consume battery energy, consume the resources and
Source
A black hole attack is another attack possible in MANET. It is defined for on-demand
routing protocol. The aim of this attack is to absorb the routing packet or data packet
during performing the operation. It is claiming that it has shortest and fresh path with
smaller number of hope count and large sequence number to destination even though it
does not have a valid route to the destination node. Due to this claiming it attract all the
packets and absorbed them without forwarding to destination node.Once it entered in the
network, it drops forwarding data packet by making a black hole there. This node is
called blackhole node or black node. In Blackhole attack it first respond to route request
discovery instead first checking its routing table. It increase the congestion and traffic in
Wireless Link
RREQ
Fake RREP
H I
J
S
L M D
K
A N
establish route for data sending between source to destination(D), source node broadcast
the route request (RREQ). When black node or blackhole node receive RREQ. It
claiming with RREP and it has shortest path with minimum hop count and large
sequence number. In last then source send the data to Blackhole node and finally it
observed the routing packet or drop the forwarding packet to actual destination.
Malicious node abuses the relationship between nodes causing disruption in the
operation of the network. Malicious (selfish) node intends to disrupt the ongoing proper
operation of the routing protocols. Network battery power is limited. When node use the
network battery power for its own purpose and node participate in network routing, this
Malicious nodes can also agree to forward packets but silently drop the packets. They
are pretending to preserve energy and bandwidth. This causes defragmented networks,
isolated nodes, and significantly reduced network performance. Launch all kinds of
attacks by replaying, reordering or dropping packets from time to time, and even by
sending fake routing messages [2]. Capture the network battery power, network
resources, and increase the congestion in the network. In MANET network when
multiple nodes behaves as selfish, then it belong to the resulting scheme in the form of
degrading the routing information of other node and performance of other nodes and
blocking the functioning of nodes in the network. Multiple nodes act maliciously,
very slow at most nodes. If multiple nodes are malicious in same networks, then there
will be the possibility of two more attacks. Network performance is depend on the
routing, end to end delay and packet delivery ratio but on the other hand malicious
Denial of service attack is a type of active attack. In this, attacker aim to attack the
accessibility of a node. When attack is successful the service will not be available. This
type of node is called malicious node or denial of service node. Denial of service means
degradation or avoidance of valid use of network resources. Malicious node drops the
Blackhole attack is also a type of active attack .In which it claim to a shortest route
even though it does dont have a valid route to the destination node. This type of node
called black hole node or black node. In the blackhole attack there are two type of node
type 1, in this black hole node first respond to route discovery request rather than check
its routing table. Black node drops the packets rather than forward to the destination.
Blackhole attack as false destination sequence attack also. In this, black hole node clam
to a request for a shortest path with a high sequence number of destination. Source
assumes this path is fresh path. again blackhole node drops the packets rather than
2. Attacks reducing the amount of routing information, discarding routing packet due to
selfish behavior of a node. A selfish node is a type of node which supply power is
limited, node use its power supply for its own purposes and does not participate in
routing operations.
B4 B5 B6
B3
B2
B1 C4 C5 t
C3
C2
C1
A D4
S BH
D1 D2 D3
Denial of Service (DoS) attacks not only consumes the scarce system
resources, such as bandwidth, battery energy, or CPU cycles, but also isolates
delivery.
The new DOS attack, namely Ad Hoc Flooding Attack (AHFA), can result in
Today, very use of the wireless networks, which can be easily access. People can access
some application using the internet means create some Ad-hoc Networks. In this
scenario have some problem like attacker is attack and get some important information
like password, secrete key, important Data. In this environment malicious node are
responsible for all types attacks. Malicious node are reduced the Networks Load,
It drops the data packet which degrades network throughput continuously, packet loss
ratio increase when number of attacker increase routing overhead increase and packet
delivery ratio decrease. Due to malicious activity of node it increase end to end delay in
the network.
In MANET, unhelpful node is malicious node. The nodes belonging to the first category
are either defective and therefore cannot follow a protocol or rule are with intent
malicious and try to attack on the system or networks. Malicious node causes packet
dropping, false routing and etc. Effects of malicious nodes are given below
replaying, reordering or dropping the packets from time to time, and even by
Mobile ad- hoc network is wireless and dynamic and position of mobile node change
continuously. These causes increase the presence of attacks in the ad- hoc network. The
main focus on the work to prevention of Denial of Service (DoS) and Black Hole attacks
in Mobile Ad-hoc Network. In this research scheme detection of malicious node and
destination node.
When any node get send route request if it is continuous route request then check the
behavior of the node that it should not be intrusion node. For finding this malicious
behavior we use the time limit and node counter which work as check the never receive
how many route request in a given time limit, here time limit is set at 0.6 and 8 neighbor
route request receive then node adding list of malicious behavior and declare malicious
The general architecture of MANET is shown in Figure 4.1, in this architecture source
node is (node 1) and destination node (node 25). In figure we show the scenario of
dynamic networks and show some movable node in whole networks .The path of
sending data from source node to destination node is denoted by lines. Malicious node
yellow, color source node in green color, destination node in blue color, and normal
Source Node
Destination Node
Movable Node
Normal Node
Selfish Node
9
15
3
11
6
8
5 16
14 13
1 4
22
17 12
10
2
7 23 19
25
24
20
21 18
The source node using optimum path for sending data from source to the
destination.
The destination node receives the data which sends from source nod.
Continuous packet sends in the network property and in malicious node due
Y
N
4 3 2 1
Step 2: RREQ Expire
Node in N Time =
(NDSN>S RREQ Node Node RREQ Current Time
SN)&&(D > RREQ Counter Table + Waiting
Expire in Time
SN>SSN) MAX_
&& RREQ Time <= RREQ
Current Current Table
Time< Time
Neighbors
receive Step3: Malicious Node
Reply Expire Time < Current Time
Time
Add in Link
malicious Delete
List from Remove From
RREQ Malicious List
Table
YES:
else {
RREQ Counter=1
(4) if (NDSN > SSN) && (DSN >SSN) && current time < Neighbor receive reply time)
if ( above Process has not done than check the malicious node behavior (if continuous
then (Send route request 2 times and Identify who will node give reply with highest
sequence number)
and (Remove that path which node give route reply with highest path and send the route
then
We proposed above schema which work whenever any node get route request.
Step 1: Discard or drop the packet which is come from the malicious node. if any node
get any route request from any node and that node in malicious node list then node
discard that packet and stop flood attack. But main question how to decide that node is
malicious or not.
malicious node list then we go next further to check its malicious or not. First we check
it is his first request then we add one entry in RREQ table which gather data how many
If first time route request then we cant find it in RREQ table. If we find then it not first
time. If we find it then we compare route request come from that node with max_route
request which is 8.If it exceed then we declare as Malicious node add it in Malicious
node list, also we set the expire time of malicious node. We delete entry from RREQ
table.if node request less than max request then there is two choice either its entry
expire or not, if entry expire then we remove from entry from RREQ table but if not we
increment the request counter of particular node in RREQ. But if node entry is not in
RREQ table then we enter one entry in RREQ table with node id with request =1 and we
In last process, apply on each node, It is basis on the Destination sequence number,
Current Time and Execute receive reply time required. If Node get the route reply
message With The DSN (destination sequence number) then source node compare the
Neighbors DSN to each other and DSN to SSN and also compare the route reply time of
the neighbors to the current time. If its excided then Node adds in malicious list. Than
after source node will send the route request or send the data packet on another path. So
this type of process doing till source node will not identify original destination node.
expires. May be possible after some time malicious node stop doing malicious thing
means stop DoS attack. We should remove it from malicious node list and forward its
route request. After entries of malicious node expire then we remove it from the
So like this we can catch the malicious node from network, and we can stop the DoS and
One general process to ways research in the networking is to simulate and evaluate the
protocol in various scenarios. For Research environment many simulation tools are
available for doing research work or do those tasks, like as OPNET, Networks
Simulator-2 (NS-2), Sumo, GLOMOSIM, etc. In this research thesis is based on the
was preferred as a simulation because its one of the important environments for
network protocols, devices, and applications. Their programming libraries provide the
helps researchers to simply change the network elements, parameters and evaluate their
performance in the NS-2 simulation environment. NS-2 also provides well data analysis
(OTcl) that takes OTcl script as a input and produce trace file as a output.
Figure 5.1 shows the basic architecture of NS2. NS2 provides users with executable
command ns which take on input argument, the name is Tcl simulation scripting file.
Users are providing the Tcl script as an input argument of an NS2 executable command
view like plot graph. NS2 involves two major languages: C++ and Object-oriented Tool
Command
language (OTcl). While the C++ provides the internal mechanism of the simulation
objects, the OTcl sets up simulation by assembling and configuring the objects as well as
It may define events and variables to help the interaction. NS2 provides a large number
of built-in C++ objects. It is advisable to use these C++ objects to set up a simulation
using a Tcl simulation script. But, advance users find these objects unsatisfactory. They
need to develop their own C++ objects, and use a OTcl configuration interface to put
simulation results. To interpret these type of results graphically and interactively, tools
such as NAM (Network AniMator) and XGraph were used. To analyze a certain
behavior of the network, users can extract a relevant subset of text-based data and
Here explain the three steps of creating or defining a simulation scenario in a NS-2
In the first step users decide the purpose of simulation, network configuration and
assumptions; evaluate the performance, and what type of predicated output [15].
In the step 2 implements the design in the step1. Here two phases Configuring and
Simulation.
Configuration phase: In this phase configured network components (Node (Host), TCP
and UDP, Routing protocols like AODV, DSR, DSDV etc.) are created and also
configured according to the design (Step 1) of simulation. The proceedings such as data
transfer or route request are start and end at a certain time [15]. It means define the start
chronologically. In this phase generally runs until the simulation timer reached a
In this step main tasks is verify the integrity of the program and measure the
debugging; the second one is achieve correctly collect and compiling simulation results
[11].
Network Simulator 2 (NS -2) provides the implements different protocols for simulation
or research. Also created new protocols and all internal protocols can be changed as per
user requirements. In Networks Simulator 2 mobile node has designed to move a three
On the other hand the Z dimension is not used. The mobile node is assumed to move
always on horizontal environment with Z equal to 0. The node mobility scenarios are
handled in two ways, in the first way, nodes' speeds, starting and ending positions are
selected at random. At a prearranged time, the node would start moving from its original
position to its destination at the define speed. In the mobility scenario is normally stored
in a separate file. In the second way, nodes starting positions are generated originally;
of the simulation. Networks simulator 2 also provides network traffic patterns like Cbr
(constant bit rate). Also Networks Simulator-2 provides the utility for data analysis using
In the complete version, the node class is better by adding more supporting features such
as facility to move inside a topology, facility to send and receive packets over a wireless
channel etc.
NS2 uses more packages and optional software. Tools like Xgraph it is used for
represents the graphical view of the data or results and another is network animator
(NAM). The NAM provide the visualization of networks how it transfer the data, how to
send data etc. Networks simulator is used two main part kernel and libraries.
Networks simulator 2 model provide the Split-level programming for build the networks
scenario. C++ language provides the simulation behavior while the simulation scenario
Network simulator 2 is more used for simulation and research but it's have some
limitations.NS 2 does not provide the CIDR (Classless Inter-Domain Routing) and Sub
netting. NS2 also not support Variable Bit Rate (VBR) but it is provide the Constant Bit
network environment. NS2 not support processing delay but support different delays like
Networks Simulator has limited functions are used when created the scenario of large
network. In a large network hundreds of nodes to simulate and NS2 cannot give the
results of that much large simulation. It means the more number of nodes the slow the
simulation.
In this phase, create the Dynamic MANET networks with the 25, 50 mobile nodes. Also
here some node are move the networks means add mobility on node. Apply the AODV
Routing Protocols on these MANET networks with some parameters. In this scenario
node 0 is the Source Node and Destination Node is 5. Then after we have analyzed the
results in terms of the Packet Delivery Ratio, End-to-End Delay and Throughput. In
Table 5.1 list of parameter used in setup network. Following table list of parameter used
in the simulation.
Parameters Values
In Table 5.1 some parameter used for the create networks/topology. In this network is
NS2 (version 2.35) and use the different scenario with takes different node like 25, 30,
and 35,40,45,50. Use the Traffic source CBR (Constant Bit Rate), packet size is 512
model is random waypoint each scenario used the different number of malicious node.
In Figure 5.2 first source node has sent the route request packet for data transfer that
time destination node sent the route reply message to source node with the optimum path
means minimum hop count path. In this fig source node is 2 and destination node is 20
The Figure 5.3 is network scenario of DoS attacks. Here added the malicious node so
malicious node constantly sends the fake route request in the networks. That time source
node not able to send data to destination it is means disturb the whole networks. That is
Figure 5.4 has presented the prevention of the DoS attack. After applying the proposed
solution of prevent the DoS attack malicious node are detect and prevents so source
node again find the optimum path and start sending data to destination and increased the
Throughput
Also referred as the average number of data packets received at destinations during
simulation time.
End-to-End Delay
This is the average delay between the sending of the data packet by the CBR source and
its receiving at the corresponding CBR receiver. It includes all delays caused during a
Average End to End delay = Total end to end delay/Number of packets Received.
Packet delivery ratio is the ratio of data packet delivered to the destination to those
Above Fig. 5.5, 5.6 and 5.7 they show the packet delivery ratio, average Throughput,
End-to-End delay under Dos attack. It shows the prevention of our work for 25 nodes
with simulation time 100 to 500 Seconds It shows that the throughput decreases with the
existence of the attackers using Dos attack and in case of prevention throughput increase
Below Fig. 5.8, 5.9 and 5.10 they show the packet delivery ratio, average Throughput,
End-to-End delay under Dos attack. It shows the prevention of our work for 50 nodes
with simulation time 100 to 500 Seconds It shows that the throughput decreases with the
existence of the attackers using Dos attack and in case of prevention throughput increase
and it also improve the performance of packet delivery ratio and End- to End delay in
Result 4
In Figure 5.11 is network scenario of Blackhole attacks. Here added malicious node so
malicious node constantly sends the fake route request and data in networks.
Result 1
Above Fig. 5.13, 5.14 and 5.15 they show the packet delivery ratio, average Throughput
and End to End delay under Blackhole attack.it shows the performance evaluation of
our prevention against black hole attack by varying simulation time from 100 s to 500 s
and keep 25 nodes. From the analysis of the fig.5.13, we can see the packet delivery
ratio of AODV under black hole attack is less than the standard routing protocol AODV.
It can also be seen from the graph that with the increase of simulation time our
attack. Fig.5.15 shows that average end-to-end delay decreases in all of the cases.
Result 4
Fig. 5.16, 5.17 and 5.18 they show the packet delivery ratio, average Throughput and
End to End delay under Blackhole attack.it shows the performance evaluation of our
prevention against black hole attack by varying simulation time from 100 s to 500 s and
keep 25 nodes. From the analysis of the fig.5.16, we can see the packet delivery ratio of
AODV under black hole attack is less than the standard routing protocol AODV. It can
also be seen from the graph that with the increase of simulation time our prevention is
consistently performing well.fig. 5.17 it show the result of throughput, it that our
attack. Fig.5.18 shows that average end-to-end delay decreases in all of the cases.
Result 5
because it is main security danger. In malicious environment this problem has found
malicious node. The existing approach to assuage the effect of DOS and Blackhole
attacks and do note alleviate the malicious node. Our algorithm to handle DOS and
Blackhole attacks discovers secure path and avoiding malicious node. It also
Our algorithm mitigates Dos and Blackhole attack and malicious nodes uses AODV as
malicious type. We find that the motive of malicious node is to cripple the network. The
main aim of this mechanism to detect and prevent the dos and Blackhole attack.
Hence, in our work we have not only focused on about DOS and Blackkhole attack but
AODV environment is open, node connect or disconnect with less time. Which increase
the growing possibility of malicious node in the environment. Node not only works with
DOS and Blackhole attack but also other attacks like, Gray hole, selfish node,
wormhole,
Russian. Which also degreed the performance of AODV. And in another hand link
breaking problem is another issue in AODV which effect the real time application like
networks attacks with reduce the link breaking problem. A new algorithm should be able
[1] Sapna Gambhir, Suarabh Sharma PPN: Prime Prduct Number based Malicious
[2] Seryvuth Tan, Keecheon Kim,"Secure Routing Discovery for preventing Black Hole
[3] Rashid Sheikhl Mahakal Singh Chandee, Durgesh Kumar Mishra,"Security Issues
2013.
[5] Kritika Taneja, Dr.S.S Tyagi Security Issue on AODV outing Protocol Suffering
[7] Kavita Taneja and R. B. Patel, Mobile Ad hoc Networks: Challenges and Future,
[10] A.Rajaram, Dr. S. Palaniswami Malicious Node Detection System for Mobile Ad
[11] Bounpadith Kannhavong, Hidehisa Nakayama, Yoshiaki Nemoto, And Nei Kato,
[13] Dr.S.Tamilarasan, Securing and Preventing AODV Routing Protocol from Black
[14] Ms. Neetu Singh Chouhan, Ms. Shweta Yadav ,Flooding Attacks Prevention in
MANET, IJCTEE
[16] Akanksha Saini, Harish Kumar,"Effect Of Black Hole Attack On AODV Routing
I.1 Notations
Router: The table where the routing protocols keep routing information for various
destinations. This information can at least include next hop and the number of hops to
the destination.
populations.
Source route: A route from the source to the destination made available by the source.
protocol for which throughput is to be measured for instance, IP,TCP or MAC protocol.
AODV: Ad-hoc On-Demand Distance Vector Routing protocol for wireless ad-hoc
networks.
and receiver. For instance, the range of one transmitter may be much higher than the
range of another transmitter on the same medium. The transmission between the two
DSDV: Dynamic Sequenced Distance Vector. Routing protocol for wireless Ad Hoc
networks.
DSR: Dynamic Source Routing. Routing protocol for wireless Ad Hoc network
Proactive: Tries to maintain the routing map for the whole network all the time.
RREQ: Routing Request. A message used by AODV for the purpose of discovering
new
TORA: Temporally Ordered Routing Algorithm. Routing protocol for wireless ad-hoc
networks.
ZRP: Zone Routing Protocol. Routing protocol for wireless ad-hoc networks.
Destination IP address: IP address of the destination for which the route is required.
Destination Sequence number: The last sequence received in the past by the source for
Source sequence number: Current number for route information generated by the
Destination IP Address[32]
Lifetime[32]
L : If the L-bit is set the message is a hello message and contains a list of the nodes
neighbors.
Reserved : Reserved for future use. Currently sent as 0 and ignored on reception
Hop Count: Number of hops from the source IP address to the destination IP address.
Destination IP address: IP address of the destination for which the route is supplied.
route.
Lifetime: Time for which nodes receiving the Reply consider the route to be valid.
Reserved : Reserved for future use. Currently sent as 0 and ignored on reception
at least 1.
Unreachable Destination Sequence Number : The sequence number in the route table
entry for the destination listed in the previous unreachable Destination IP address field.
Type Reserved
Reserved: Reserved for future use. Currently sent as 0 and ignored on reception