Co-operative Black Hole Detection and Prevention in Mobile ad hoc network: Survey By SUMAN MANDAL UNDER THE GUIDANCE OF TANUMOY NAG Assistant Professor Dinabandhu Andrews Institute of Technology & Management SURVEY REPORT SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE POST GRADUATE DEGREE OF MASTER OF SCIENCE IN COMPUTER SCIENCE DINABANDHU ANDREWS INSTITUTE OF TECHNOLOGY & MANAGEMENT Session 2016 – 2018. DEPARTMENT OF COMPUTER SCIENCE DINABANDHU ANDREWS INSTITUTE OF TECHNOLOGY & MANAGEMENT [Affiliated to MAULANA ABUL KALAM AZAD UNIVERSITY OF TECHNOLOGY, WEST BENGAL] BAISHNABGHATA, PATULI, KOLKATA-700084
20
Embed
Co-operative Black Hole Detection and Prevention in Mobile ad … · In this paper I mainly focused on “Black Hole Attack”, analysis the type of black hole attack, detecting black
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Co-operative Black Hole Detection
and Prevention in Mobile ad hoc
network: Survey
By
SUMAN MANDAL
UNDER THE GUIDANCE OF
TANUMOY NAG
Assistant Professor
Dinabandhu Andrews Institute of Technology & Management
SURVEY REPORT SUBMITTED IN PARTIAL FULFILLMENT OF THE
REQUIREMENTS FOR THE POST GRADUATE DEGREE
OF
MASTER OF SCIENCE IN COMPUTER SCIENCE
DINABANDHU ANDREWS INSTITUTE OF TECHNOLOGY & MANAGEMENT
Session 2016 – 2018.
DEPARTMENT OF COMPUTER SCIENCE
DINABANDHU ANDREWS INSTITUTE OF TECHNOLOGY & MANAGEMENT
[Affiliated to MAULANA ABUL KALAM AZAD UNIVERSITY OF TECHNOLOGY, WEST BENGAL]
BAISHNABGHATA, PATULI, KOLKATA-700084
CERTIFICATE OF APPROVAL
The foregoing Survey is hereby accepted as a credible study of a Computer
Science subject carried out and presented in a manner satisfactory to warrant its
acceptance as a prerequisite to the degree for which it has been submitted. It is
understood that by this approval the undersigned do not necessarily endorse or approve
any statement made, opinion expressed or conclusion drawn therein, but approve the
survey only for the purpose for which it is submitted.
————————————— __________________________
Signature of Examiner Signature of Head of Department
ACKNOWLEDGEMENT
I would like to express my sincere thanks to all the people who have helped me most throughout
my project. First of all, I am grateful to my project supervisor Mr. Tanumoy Nag for his invaluable
guidance and constant support throughout the project.
A special thank of mine goes to Mrs Paromita Roy, Head of the Department (Computer Science)
and also my college authorities for providing me with all the necessary resources and facilities
necessary for carrying out the project.
I also wish to thank my parents for their personal support and attention. Last but not the least, I
would like to thank my friends who treasured me for my hard work and encouraged me.
————————————
Suman Mandal
Table of Contents:
Abstract
Keywords
1. Introduction
2. Protocols
2.1. Proactive (table-driven) Routing Protocol
2.2. Reactive (on-demand) Routing Protocol
2.2.1. AODV Routing Protocol
2.2.2. DSR Touting Protocol
2.3. Hybrid Routing Protocol
3. Important parameters in MANET security
3.1. Network Overhead
3.2. Processing Time
3.3. Energy Consumption
4. Security Challenges
4.1. Security Services
4.1.1. Availability
4.1.2. Authentication
4.1.3. Data Confidentially
4.1.4. Integrity
4.1.5. Non Repudiation
4.2. Attacks
4.2.1. Black Hole Attack
4.2.2. Worm Hole Attack
4.2.3. Byzantine Attack
4.2.4. Snooping Attack
4.2.5. Routing Attack
4.2.6. Resource Consumption Attack
4.2.7. Session Hijacking
4.2.8. Denial of Service
4.2.9. Jamming Attack
4.2.10. Impersonation Attack
4.2.11. Modification Attack
4.2.12. Fabrication Attack
4.2.13. Man-In-the Middle Attack
4.2.14. Gray Hole Attack
4.2.15. Traffic Analyze Attack
5. Cooperative Black Hole Attack
5.1. DRI Table and Cross Checking Scheme
5.2. Distributed Cooperative Mechanism
5.3. Hash-based Scheme
5.4. Hashed-based MAC and Hash-based PRF Scheme
5.5. Backbone Nodes (BBN) and Restricted IP (RIP) Scheme
5.6. Bait DSR (BDSR) based on Hybrid Routing Scheme
6. Conclusion
References
Abstract: MANET is one type of wireless ad hoc network, based on mobile wireless nodes.
Because of its special characteristics like dynamic topology, hop-by-hop
communications, and easy and quick setup, MANET faced lots of challenges, mostly on
security. MANET has self-configuring ability, because of that security challenges arise.
In this paper I mainly focused on “Black Hole Attack”, analysis the type of black
hole attack, detecting black hole and prevention technic.
Keywords: Mobile ad hoc networking protocol collaborative black hole attack.
1. Introduction: Mobile ad hoc network (MANET) is self-configuring network which is formed by several
movable tools (also called node). MANET is also infrastructure independent. It has some
exceptional characteristics like dynamic topology, open network boundary, distributed
network, easy implementation, hop-by-hop communication. Such characteristics have
made MANET more popular. It mostly used in military, disaster management, personal
area network and so on. Because of its special characteristics, MANET faced many
challenges, such as security problem, dynamic link establishment, reliable data delivery,
finite transmission bandwidth, abusive broadcasting message and restricted hardware
caused processing capabilities.
In MANET, the most active research area is security. It has a few number of
security challenges. It has a special feature that, all nodes are free to join and leave the
network, open network boundary. That’s why security challenges are arrived. Most
popular security challenge is ‘Black Hole Attack’. In this paper black hole attack and its
preventions are described by survey with the help of some papers.
2. Protocols: In MANET there has different types of protocols. Before a source node wants to
communicate with target node, it should broadcast its present status to the neighbors
due to the current routing information is unfamiliar. According to how the information
is acquired, the routing protocols classified into proactive, reactive and hybrid routing.
2.1. Proactive (table-driven) Routing Protocol: The proactive routing protocol is also called table-driven routing protocol. In this
protocol all nodes are broadcast their routing information periodically. Each node needs
to maintain their routing table that records routing information of all nodes in the
network. The main disadvantage is, because of recording all routing information, the
network overhead increases. However, if any malicious node is included, the routing
table information is changed. It is the advantage of proactive routing protocol. The most
familiar proactive type protocols are destination sequence distance vector (DSDV)
routing protocol and optimized linked state routing (OLSR) protocol.
2.2. Reactive (on-demand) Routing Protocol:
Reactive routing protocol is known as on-demand routing protocol. Unlike proactive
routing protocol it never needs to record all node’s routing information. So it doesn’t
need to periodically broadcast routing information and therefore required bandwidth is
reduced and also network overhead. It remain active throughout the packet
transmission. For this passive routing method the packet drop is increases and it doesn’t
understand any malicious node is included. Some of this type routing protocols are ad
hoc on-demand distance vector (AODV) and dynamic source routing (DSR) protocol.
2.2.1. AODV Routing Protocol: AODV protocol is constructed based on DSDV
routing. In AODV protocol each node records only next hop routing information in its
routing table and maintains it to sustaining rout information from source to destination
node. If source node doesn’t found any route to destination then route discovery
process is started and it broadcast rout request (RREQ) packet immediately. All the
intermediate nodes receive the RREQ packet and a parts of them send rout reply (RREP)
packet to the source node if destination rout information occurred in their routing
table. The route maintainance process is started when the network topology has
changed or connection has failed. First, the source node informed by route error (RRER)
packet. Then it utilize the present route information to find a new routing path or
restart the route discovery process to update routing table information.
A
B
C D
E
F
G
Source
Destination
Figure 1: AODV Routing Protocol
2.2.2. DSR Routing Protocol: The DSR protocol is constructed based on source routing. That’s why each data
packet contains the routing path from source to destination. All the nodes maintain
their routing table information from source to destination. The source node decide the
path because each node recorded information from source to destination path. The
performance of DSR decreases with the mobility of network increases, lower packet
delivery with higher network mobility.
2.3. Hybrid Routing Protocol: Hybrid routing protocol combines proactive and reactive routing protocol and takes
their advantages. This routing protocol designed as a hierarchical or layered network
framework. At the beginning this protocol uses proactive routing protocol to gather
unknown routing information and then uses reactive routing protocol to maintain the
rout information when network topology changes. The well-known hybrid routing
protocols are zone routing protocol (ZRP) and temporally-ordered routing algorithm
(TORA).
3. Important parameters in MANET security: There are some important parameters in MANET. They are very important in security
approach otherwise security approach may be useless. Relation between security
parameters and security challenges shows in figure 1.Each security approach must be
aware of this relation.
Figure 2: Relation between security parameters and Security aspects
3.1. Network Overhead:
Security Parameters
Security Service Attacks detection,
prevention and
elimination approaches
This parameter refer to number of control packets generated by security
approaches. So additional control packets increases collision and congestion in
MANET. This congestion and collision lead to packet lost. Therefore high network
overhead slow down the packet transmission rate, increases retransmission rate,
and easily nodes are loses their energy.
3.2. Processing Time:
When a malicious node attacks, each security approach needs time to detect
them. It is possible to break route between two nodes because of dynamic
topology of MANET. So decreasing the detection time of a security approach is
required, as much as possible.
3.3. Energy Consumption:
Each node in MANET has limited power source. More power consumption
decreases the lifetime of these nodes and of the network. So decrease the power
consumption is needed for the flexibility of node and network.
These three parameters are very important to aware about for each security
protocols. Disregard these parameters are not efficient for any security approach.
4. Security Challenges: Generally there are two important aspects in security: Security services and Attacks.
Security services provide secure path and transmission in MANET. In other hand attacks
are try to break security in MANET. These two challenges discussed below.
4.1. Security Services: The main goal of security services is to provide more security that prevent attacks by
malicious nodes and make harder to break security by a malicious node. Because of
special feature of MANET this services faced lots of challenges. Each service needs to
cooperate with other services, if each services guaranteed security without noticing
others then security will fail. The main problem is to provide each service one-by-one
and presenting a way to guarantee each service. In the following five important security
services and their challenges are discussed.
4.1.1. Availability:
According to this service, each authorized node must have access to all data and
services in the network. Availability challenges are arise because of dynamic topology of
MANET. Accessing time is important because time is one of the important parameter in
security. The time in with a node access packet and network services decreased due to
lots of authentication and security levels. One of the most known proposed approach
which is known as ABTMC (Availability Based Trust Model of Clusters), propose the
solution of this problem. Using ABTMC the hostile node in a cluster is identified and
should be isolated from the network.
4.1.2. Authentication:
The goal of this service is provide trustable communication between two nodes.
When a node receives packets from source, the node must be sure about identity of the
source node. Using certification is the way to provide this service. However, in absence
of central control unit key distribution and key management is challengeable.
4.1.3. Data Confidentially:
According to this service, each node must have access to a specific service that it
has the permission to access. Most of services that are provided by data confidentially
use encryption method but in MANET as there is no central management, key
distribution faced lot of challenges and sometimes impossible.
4.1.4. Integrity:
According to this security service only authorized node can create, edit and
delete packets. For example, Man-In-The-Middle attack is against this service. In this
attack the attacker capture all packets and then removes or modifies them.
4.1.5. Non-Repudiation:
According to this service, source and destination cannot repudiate their behavior
or data. For example, if a node receive a packet from node2, and send a reply, node2
cannot repudiate that packet that it has been sent.
4.2. Attacks: For the special feature like hop-by-hop communication, wireless media, open area and
self-configuration, MANET become popular to the malicious node. Some of the attacks
in MANET are follows:
4.2.1. Black Hole Attacks:
One of the most popular attack is black hole attack. This is one type of Reactive
Routing Protocol. In this attack, the malicious node reply to the source node, the false
routing information, and leads the packets to it. After that it receives all the packets and
discard them.
There are two types of black hole attack. Such as single black hole attack and co-
operative black hole attack. However, single black hole attack detection is easy compare
to co-operative black hole attack. I discuss co-operative black hole attack in detail later
in this paper.
4.2.2. Worm Hole Attack:
In this attack the malicious node record packet at one location and tunnel them
to another location. This fault routing information may halt the packet transmission. The
proposed solution for this attack is encryption and node location information.
4.2.3. Byzantine Attack:
In this attack malicious node injects fault routing information to the source node,
in order to locate packet into loop. There has one solution for this attack is using
authentication. The well-known proposed solution is RSA authentication.
Source
Black hole
Destination
RREQ
RREP
Fake Reply
Figure 3: Black Hole Attack
4.2.4. Snooping Attack:
Accessing the other node’s packets without permission is the main goal of this
attack. MANET is hop-by-hop packet transmission network. So, malicious node can
capture other node’s packet.
4.2.5. Routing Attack:
In this attack malicious node tries to delete or modify node’s routing table. The
malicious node destroys routing table information of an ordinal node, and thus network
overhead and transmission time is increases.
4.2.6. Resource Consumption Attack:
In this attack malicious node waste network resources in some way. For result,
malicious node leads the packet to a loop by using ordinary nodes. Thus nodes energy is
used for transmitting fault packet and packet lost and congestion is increases.
4.2.7. Session Hijacking:
Session hijacking is a critical error and give opportunity to malicious node to
behave like a legal system. In this attack malicious node react instead of legal node in
communication. Cryptography is one of the most efficient solution to defeat this attack.
4.2.8. Denial of Service:
In denial of service, malicious node prevents the authorized nodes to access
network data or service. In this attack, specific node or service will be inaccessible and
network resource like bandwidth will be wasted. As a result, packet delay and
congestion increases.
4.2.9. Jamming Attack:
Jamming attack is a kind of DOS attack. The objective of a jammer is to interfere
with legal wireless communications. This goal can be achieved by preventing a packet
from sending out or by preventing the reception of legal packets.
4.2.10. Impersonation Attack:
In this attack attacker can pretend itself as another node and provide wrong
routing information to the network. As MANET has open boundary and hop by hop
communication, it’s hardly permeable against this attack.
4.2.11. Modification Attack:
In this attack malicious node sniff the network for a period of time. Then, explore
wireless frequencies and modify packets. Man-in-the-middle is a kind of modification
attack.
4.2.12. Fabrication Attack:
In this attack, malicious node destroys routing table by providing fault routing
information. Malicious node creates fault routing path. As a result, nodes send their