Abstract – Since an ad hoc network is a collection of infrastructure-less wireless mobile nodes, each node acts as a host as well as a router. Communication among nodes takes place in a hop-to-hop fashion without centralized administration. AODV is a well-known on-demand reactive routing protocol for mobile ad hoc networks. But the existing AODV lacks sufficient security provision against the well-known "black hole attack". Black hole nodes are malicious nodes that agree to forward packets to the destination but intentionally do not forward them. This paper presents a watch-dog mechanism for the AODV routing protocol that identifies such misbehavior based on promiscuous listening. The method first detects a black hole node and then provides a fresh route avoiding that node. In a lightly loaded, adversarial situation, our method gives better throughput than a defenseless AODV protocol.

Key terms – Mobile ad hoc networks, routing, security, AODV, black hole attack, prevention.

I. Introduction

It is well known that there has been tremendous growth in the use of wireless communication over the last few years, from satellite transmission to home personal area networks (PANs, Bluetooth, etc.).
On one side are the advantages of wireless: transmitting data among users in a common area while remaining mobile. On the other side is the disadvantage of vulnerability. Moreover, the range of transmitters, or their proximity to wireless access points, restricts the distance between participants. Ad hoc networks moderate this problem by allowing out-of-range nodes to route data through intermediate nodes. Ad hoc networks have a wide collection of military, commercial and educational applications, as well as uses in emergency and disaster situations. Ad hoc networks are ideal in situations where installation of an infrastructure is not possible because the infrastructure is too expensive or too vulnerable, the network is too temporary, or the infrastructure was destroyed. A sensor network, which consists of several thousand small low-powered nodes with sensing capabilities, is one of the advanced applications of MANETs. Clearly, security is a vital issue in such areas.

However, recent wireless research indicates that a wireless MANET presents a larger security problem than conventional wired and wireless networks, even though most of its underlying features are what make MANETs useful and popular. First, all signals go through bandwidth-constrained wireless links in a MANET, which makes it more prone to physical security threats than fixed landline networks. Possible link attacks range from passive eavesdropping to active interference. Second, mobile nodes roam independently and are able to move in any direction. In this case a denial of service (DoS) can easily be launched if a malicious node floods the network with fake routing messages; the other nodes may unknowingly propagate the messages. Third, decentralized decision making in the MANET relies on the cooperative participation of all nodes. A malicious node could simply block or modify the traffic traversing it, refusing cooperation in order to break the cooperative algorithm. Finally, an attacker could create a new type of DoS attack by forcing a node to replay packets to exhaust its energy. In general, the wireless MANET is particularly vulnerable due to its elementary features: open medium, dynamic topology, absence of central authorities, distributed cooperation, and constrained capability. The existing security mechanisms for wired networks cannot be directly applied in wireless MANETs.

Theoretically several types of attack are possible, but in practice two types of attack generally occur: passive attacks, in which a node is driven by its selfishness, and active attacks, in which a malicious node has the goal of interrupting normal network operation. Although a malicious node can deploy a variety of DoS attacks [1, 2], we only consider the attacks caused by failing to perform packet forwarding while participating in routing. This problem is called the black hole problem. Simulation in [3] shows that if 10%-40% of the nodes fail to forward packets (but participate in the routing protocol), this can cause a throughput degradation of about 16%-32%.
In this paper, we propose a mechanism based on promiscuous listening to detect misbehaving nodes. For a given node, the ratio between the number of dropped data packets and the number of data packets successfully forwarded by the node is the metric used to mark the node as either misbehaving or well behaving. If this ratio exceeds a threshold, the node is marked as misbehaving; if the ratio is below the threshold, the node is marked as well behaving. Upon detecting a misbehaving node, the detecting node tries to avoid the misbehaving node and route the packets along another path. This decision is taken locally, informing neither the sender nor the receiver; that is, misbehaving nodes can be avoided transparently from the sender and the receiver.

The remainder of this paper is organized as follows. In Section 2, we investigate some of the currently proposed solutions for the routing misbehavior problem in ad hoc networks. Section 3 presents our watch-dog mechanism. Results from simulation using Network Simulator 2 (NS2) are presented in Section 4. Section 5 concludes the paper.

II. Related Research Work

In this section, we survey some of the current attempts at solving the problem of routing misbehavior in ad hoc networks.
Sergio Marti [3] introduced the Watchdog and Pathrater techniques with Dynamic Source Routing (DSR) [4], which improve throughput in a MANET by identifying misbehaving nodes that agree to forward packets but never do so. Watchdog is used to identify misbehaving nodes, and Pathrater helps the routing protocol avoid these nodes.

The CONFIDANT scheme [5] utilizes the concept of reputation. Each node keeps track of a black-list of misbehaving nodes. Detection of a misbehaving neighbor and/or reception of a warning message from trusted peers against a node adds the misbehaving node to the black-list. A node will not service a request coming from a black-listed node. Also, a packet is routed so as to avoid black-listed nodes in its path. Reliance on trust, the ability of malicious nodes to blackmail a legitimate node, and the un-scalability of the global distribution of the black-list are some limitations of this scheme.

H. Deng, W. Li and D. P. Agrawal [6] proposed a solution for the single black hole problem for the ad hoc on-demand distance vector routing protocol. In this method the source node does not send packets to the destination node immediately after receiving the route reply packet; instead, the source node finds one or more routes to the intermediate node that replied to the RREQ message, to check whether the route from the intermediate node to the destination node exists or not. This method increases the routing overhead and only solves the problem of a single black hole node.

In the CORE scheme [7], each node keeps track of reputation values of its neighbors only. The scheme uses more complex reputation systems. A node attains a negative reputation only when its neighbor detects its misbehavior, and this negative value is kept local to the detecting neighbor. A misbehaving node will eventually be isolated from the network when all its neighbors detect its misbehavior and thus stop forwarding packets to/from it. With mobility in mind, one would expect this mechanism to fail if the misbehaving node's neighbors continuously change, giving the malicious node a new chance to drop more packets. The authors did not present information on the performance of this scheme.

It should be noted that all the above schemes fail in the case of multiple colluding nodes. For example, in this scheme if two colluding nodes are neighbors, one of them would behave normally, keeping a path through the other node to drop packets.

III. The AODV Watch Dog Algorithm

A. AODV Routing Protocol

There are three types of routing messages in the Ad hoc On-demand Distance Vector (AODV) [8] routing protocol: Route Request (RREQ), Route Reply (RREP) and Route Error (RERR). AODV adopts a proactive scheme to establish routes among nodes. If node A wants to communicate with another node B and has no active route to it, it issues a RREQ message for node B. The RREQ message contains the address of B, the address of A, a sequence number unique per node per RREQ message, and the number of hops traversed by the RREQ message so far.
Node A broadcasts the RREQ message. Upon reception of an RREQ message, a neighboring node C checks whether it has an active route to B. If it does, it replies to node A with an RREP message containing the address of node B, the number of hops (as the routing metric) to B and a sequence number for the route. If node C does not have an active route to B, it either creates or updates its route to A using the information it gets from the RREQ message. Node C then rebroadcasts the RREQ message after incrementing the message's number of traversed hops. If the RREQ message reaches the destination B, B issues an RREP message containing its current sequence number and unicasts it to the source of the RREQ. Each intermediate node on the path the RREP message traverses to A creates a route to B if it does not have one, and forwards the RREP message using its route to A. If it already has an active route to B, the intermediate node examines the RREP's sequence number and number of hops. A node updates its route if the new route has a larger sequence number, or the same sequence number but a smaller number of hops. It then forwards the RREP message. Otherwise, the node drops the RREP message. When node A receives the RREP message, it creates a route to B using the fields in the RREP message.

Each node maintains a routing table containing an entry for each destination it knows about. An AODV routing table entry contains the destination node address, the address of the next hop, the number of hops to reach the destination via this route, and the destination's sequence number associated with this route.

AODV has two modes of route maintenance: periodic hello messages and link layer feedback. In the former, nodes exchange hello messages periodically; the absence of a specified number of consecutive hello messages indicates that a node is either down or out of wireless range. Link layer feedback is generated in case of a missing ACK or a missing CTS message after a specified number of retries. Either condition causes a node either to try a local route repair by sending an RREQ message, if the node is closer to the destination than the source, or to broadcast an RERR message containing the broken node's address and, in the case of link layer feedback, the address of the destination the node was trying to reach. Each node receiving this RERR message brings down its route to the mentioned destination if the route goes through the source of the RERR message, and rebroadcasts the RERR message if there are nodes that use this route. For each routing table entry, each node keeps a precursor list of upstream nodes using the route entry. Finally, each routing table entry expires if it has not been used for a specified amount of time.
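The RREP freshness rule (larger sequence number wins; same sequence number with fewer hops wins) and the RERR handling with precursor lists described above are easy to get subtly wrong, so here is an added illustration written for this page. It is not the paper's NS2 module and not the AODV reference implementation; the node names, sequence numbers and hop counts are constructed, and the hop count passed to on_rrep is assumed to already include the hop to the node that sent the RREP.

```python
"""Minimal AODV routing-table bookkeeping: the RREP freshness rule and
RERR-driven route invalidation.  Added illustration for this page; not the
paper's NS2 module.  All node names and numbers below are constructed."""
from dataclasses import dataclass, field


@dataclass
class RouteEntry:
    dest: str
    next_hop: str
    hops: int            # hop count from this node to dest via next_hop
    seqno: int           # destination sequence number associated with the route
    precursors: set = field(default_factory=set)  # upstream nodes using this entry


class AodvRoutingTable:
    def __init__(self, owner):
        self.owner = owner
        self.routes = {}  # dest -> RouteEntry

    def on_rrep(self, dest, seqno, hops, from_node):
        """Apply the AODV freshness rule to an RREP received from from_node.

        The route is (re)installed when no route exists, when the RREP carries a
        larger destination sequence number, or when it carries the same sequence
        number with fewer hops.  Returns True when the RREP is accepted (and
        would be forwarded towards the RREQ originator), False when it is dropped.
        `hops` is assumed to already include the hop to from_node.
        """
        cur = self.routes.get(dest)
        fresher = (cur is None
                   or seqno > cur.seqno
                   or (seqno == cur.seqno and hops < cur.hops))
        if not fresher:
            return False
        precursors = cur.precursors if cur is not None else set()
        self.routes[dest] = RouteEntry(dest, from_node, hops, seqno, precursors)
        return True

    def on_rerr(self, from_node, unreachable):
        """Handle an RERR broadcast by from_node listing unreachable destinations.

        A route is torn down only if it actually goes through from_node.  Returns
        the list of destinations for which this node must rebroadcast the RERR,
        i.e. those torn-down routes that had upstream precursors.
        """
        to_rebroadcast = []
        for dest in unreachable:
            entry = self.routes.get(dest)
            if entry is not None and entry.next_hop == from_node:
                del self.routes[dest]
                if entry.precursors:
                    to_rebroadcast.append(dest)
        return to_rebroadcast


def demo():
    """Constructed scenario: node A learns routes to B from several RREPs, then
    receives RERRs.  Returns the decisions so they can be checked."""
    rt = AodvRoutingTable("A")
    results = {}
    results["first_rrep"] = rt.on_rrep("B", seqno=5, hops=3, from_node="C")          # no route yet: accept
    results["same_seq_more_hops"] = rt.on_rrep("B", seqno=5, hops=4, from_node="E")  # drop
    results["same_seq_fewer_hops"] = rt.on_rrep("B", seqno=5, hops=2, from_node="F") # accept
    results["stale_seq_short_path"] = rt.on_rrep("B", seqno=4, hops=1, from_node="G")  # drop: older seqno
    results["next_hop"] = rt.routes["B"].next_hop                                  # "F"
    rt.routes["B"].precursors.add("S")            # S is upstream and uses A's route to B
    results["rerr_wrong_hop"] = rt.on_rerr("C", ["B"])   # route is via F, so nothing torn down
    results["rerr_right_hop"] = rt.on_rerr("F", ["B"])   # via F: torn down, rebroadcast for S
    results["route_remains"] = "B" in rt.routes          # False
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The stale-sequence case is the one that matters for the black hole discussion that follows: a shorter path never beats a fresher destination sequence number, which is exactly why a node that advertises an inflated sequence number gets its reply installed first.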
B. Routing Attack (Black Hole Attack)

A black hole attack [6] is an active insider attack; the attacker consumes the intercepted packets without forwarding them.

Figure 1: The Black hole problem

In the original AODV protocol, any intermediate node may respond to the RREQ message if it has a fresh enough route, which is checked by the destination sequence number contained in the RREQ packet. In the above figure node 1 is the source node, whereas node 4 is the destination node. The source node broadcasts a route request packet to find a route to the destination node. Here node 3 acts as a black hole. Node 3 also sends a route reply packet to the source node, and the route reply from node 3 reaches the source node before any other intermediate node's reply. In this case the source node sends the data packets to the destination node through node 3. But, being a black hole, node 3 does not forward them further and drops them. The source node is not aware of this and continues to send packets to node 3. In this way the data that should have reached the destination fails to reach it, and there is no way to find out about such an attack. Such nodes can be numerous in a single MANET, which makes the situation more critical.
C. The Watch-dog Mechanism

In our proposed solution, each node maintains two tables: a pending packet table and a node-rating table. In the pending packet table, each node keeps track of the packets it sent. Each entry contains a unique packet ID, the address of the next hop to which the packet was forwarded, the address of the destination node, and an expiry time after which a packet still in the buffer is considered not forwarded by the next hop. In the node-rating table, each node keeps a rating of the nodes adjacent to it (i.e., nodes within its communication range). This table contains the node address, a counter of dropped packets observed at this node and a counter of packets successfully forwarded by this node. The fourth field of the node-rating table is calculated from the ratio of data forwarding failures to successfully forwarded packets: if this ratio is greater than a given threshold value, the node's misbehave value is set to 1 (the node is considered a misbehaving node); otherwise it is considered a valid node. An expired packet in the pending packet table causes the dropped-packets counter to increment for the next hop associated with that pending packet table entry.

Each node listens to packets that are within its communication range, and only to packets belonging to its domain. It then verifies each packet and rejects forged packets. If it observes a data packet that is in its pending packet table, it removes this data packet from the pending packet table after authenticating the packet. If it observes a data packet that exists in its pending packet table with a source address different from the forwarding node's address, it increments the packet-forwarding counter for that node in the node-rating table.

Deciding whether a node is misbehaving or legitimate depends on the selection of the threshold value. For example, suppose we take a threshold value of 0.2. This means that as long as a misbehaving node forwards twice as many packets as it drops, it will not be detected. If we take a lower threshold value, it will increase the percentage of false positives. After detecting a misbehaving node, a node will try to do local repair for all routes passing through this misbehaving node. If the local repair process fails, it will not send any RERR packet upstream in the network. This process tries to prevent a misbehaving node from dropping packets, and also prevents black-mailing of legitimate nodes. To avoid constructing routes that traverse misbehaving nodes, nodes drop/ignore all RREP messages coming from nodes currently marked as misbehaving. To stop a misbehaving node from acting actively in the network, every packet originating from this node is dropped as a form of punishment.
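The two tables and the threshold rule of this section, together with the RREP-ignoring and packet-dropping responses of the last paragraph, as an added example written for this page (it is not the paper's NS2 module). The node addresses, timestamps, the one-second expiry and the traffic pattern in demo() are constructed; demo() plays one well-behaved next hop and one black hole against a node using threshold 0.2 and shows which one the ratings table flags.

```python
"""Watch-dog bookkeeping for an AODV node: a pending packet table, a
node-rating table filled in by promiscuous overhearing, and the threshold
decision that marks a next hop as misbehaving.  Added example written for this
page; it is not the paper's NS2 module.  Timestamps, addresses and the traffic
pattern in demo() are constructed."""
from dataclasses import dataclass


@dataclass
class PendingEntry:
    packet_id: int
    next_hop: str
    destination: str
    expiry: float        # after this time the packet counts as dropped by next_hop


@dataclass
class Rating:
    dropped: int = 0      # expired pending entries charged to this neighbour
    forwarded: int = 0    # packets overheard being retransmitted by it

    def misbehaving(self, threshold):
        # dropped / forwarded > threshold  =>  misbehaving.  A neighbour that
        # has forwarded nothing but dropped something is treated as infinite ratio.
        if self.forwarded == 0:
            return self.dropped > 0
        return self.dropped / self.forwarded > threshold


class WatchdogNode:
    def __init__(self, addr, threshold=0.2, timeout=1.0):
        self.addr = addr
        self.threshold = threshold    # ratio above which a neighbour is misbehaving
        self.timeout = timeout        # seconds to wait for the next hop to retransmit
        self.pending = {}             # packet_id -> PendingEntry
        self.ratings = {}             # neighbour address -> Rating

    def send(self, packet_id, next_hop, destination, now):
        """Data packet handed to next_hop; remember it until it is overheard."""
        self.pending[packet_id] = PendingEntry(packet_id, next_hop, destination,
                                               now + self.timeout)
        self.ratings.setdefault(next_hop, Rating())

    def expire(self, now):
        """Charge a drop to the next hop of every pending entry past its expiry."""
        for pid, entry in list(self.pending.items()):
            if now >= entry.expiry:
                del self.pending[pid]
                self.ratings.setdefault(entry.next_hop, Rating()).dropped += 1

    def overhear(self, packet_id, forwarder, now):
        """A data packet was overheard in promiscuous mode being sent by `forwarder`.
        Returns True if it cleared one of our pending entries."""
        self.expire(now)
        entry = self.pending.get(packet_id)
        if entry is None or forwarder != entry.next_hop:
            return False    # not one of ours, or sent by some other node: ignore
        del self.pending[packet_id]
        self.ratings[forwarder].forwarded += 1
        return True

    def is_misbehaving(self, node):
        rating = self.ratings.get(node)
        return rating is not None and rating.misbehaving(self.threshold)

    def accept_rrep(self, from_node):
        """RREPs from neighbours currently marked misbehaving are ignored, so no
        new route is built through them."""
        return not self.is_misbehaving(from_node)

    def forward_for(self, source):
        """Punishment: packets originated by a misbehaving node are not forwarded."""
        return not self.is_misbehaving(source)


def demo():
    """Constructed traffic: A hands 10 packets to B and 10 to C.  B retransmits
    all of them; C (a black hole) retransmits only the first two."""
    node = WatchdogNode("A", threshold=0.2, timeout=1.0)
    t = 0.0
    for pid in range(1, 11):
        node.send(pid, "B", "D", t)
        node.overhear(pid, "B", t + 0.05)      # B forwards promptly
        t += 0.1
    for pid in range(11, 21):
        node.send(pid, "C", "D", t)
        if pid in (11, 12):
            node.overhear(pid, "C", t + 0.05)  # C forwards two, then goes silent
        t += 0.1
    node.expire(t + 5.0)                       # every outstanding entry has timed out
    return {
        "B": (node.ratings["B"].dropped, node.ratings["B"].forwarded),
        "C": (node.ratings["C"].dropped, node.ratings["C"].forwarded),
        "B_misbehaving": node.is_misbehaving("B"),
        "C_misbehaving": node.is_misbehaving("C"),
        "accept_rrep_from_C": node.accept_rrep("C"),
        "forward_packets_from_C": node.forward_for("C"),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Expiry is processed lazily here, on every overheard packet; the NS2 module would instead arm a timer per pending entry. The forwarded counter is only credited when the overheard frame's sender is the recorded next hop, which is what keeps a colluding neighbour from earning credit for a packet it did not carry, and the dropped counter is never decremented, so a node that fell silent while moving out of range is penalised like a black hole until its entry ages out of the table, which is the false-positive cost the threshold choice trades against.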
IV. The Results

We use the NS2 [9, 10] simulator to build a module for our AODV watch-dog mechanism. The module inherits from the AODV module already integrated in NS2. It adds the two tables: the pending packet buffer and the node ratings table. It also uses NS2's support for tapping MAC layer packets.

The simulation uses 50 nodes moving in an area of 2000 x 1000 meters squared with speeds between 0 and 10 m/s, using the random waypoint mobility model. Each simulation run lasts 1000 seconds. We vary the pause times of the nodes between 0 seconds (high mobility), 100 seconds, 200 seconds, 300 seconds, 400 seconds, 500 seconds (medium mobility), 600 seconds, 700 seconds, 800 seconds, 900 seconds and 1000 seconds (low mobility). We use CBR traffic generators with 16 packets/second and a 512-byte packet size, with 10 CBR traffic sources. Finally, we vary the number of misbehaving nodes between 0, 3 and 5 nodes.

We measure the throughput, the total number of received packets per unit time. We also measure the packet delivery ratio (PDR), the ratio between the number of packets received by the CBR sink at the final destination and the number of packets originated by the CBR sources. The throughput and PDR at different pause times and different numbers of misbehaving nodes were measured with 10 CBR sources. For a lightly loaded network, the effect of the watch-dog mechanism is to improve the throughput and packet delivery ratio in the presence of misbehaving nodes, while retaining approximately the same throughput and packet delivery ratio as the defenseless AODV in the case of 0 misbehaving nodes.
V. Conclusion

Mobile ad hoc networks are an emerging research area with practical applications, but they are vulnerable in many settings to nodes that misbehave when routing packets. In general, routing security in wireless networks appears to be a nontrivial problem that cannot easily be solved. It is impossible to find a general approach that works efficiently against all kinds of attack, since every attack has its own distinct characteristics. In this paper we analyze an extension to AODV, the watch-dog mechanism, to mitigate the effect of routing misbehavior in ad hoc networks. We show that this technique increases throughput by 16% to 20% and packet delivery ratio by 8% to 20% in the presence of 8% misbehaving nodes in a network with moderate mobility.