Enhanced AODV to Counter Black Hole Attacks in MANET

Deepthi V S*, Department of CSE, SJCIT, VTU
Mrs. Bharathi M, Department of CSE, SJCIT, VTU

Abstract- Wireless networks are gaining popularity today, as users want wireless connectivity irrespective of their geographic position. MANETs are best suited for emergency situations as they facilitate fully distributed, self-maintainable, dynamic-topology networks that operate without the use of external infrastructure. But the proliferation of such MANET-based applications is limited: although their features impart high applicability, they also manifest unreliability. Another cause of unreliability is the mutual intrinsic trust during communication. One attack exploiting this trust is the Black Hole attack, wherein the Black Hole in the network promises to route the data packets to the destination while in actuality it drops them, hence decreasing reliability. Black hole attack is one of the security threats in which the traffic is redirected to such a node that actually does not exist in the network. It is an analogy to the black hole in the universe, in which things disappear. The node presents itself to other nodes in such a way that it can attack other nodes and networks knowing that it has the shortest path. MANETs must have a secure way for transmission and communication, which is a quite challenging and vital issue. The aim of this paper is to detect and prevent the effects of the Black Hole attack in MANETs using a reactive routing protocol, Ad-Hoc On-Demand Distance Vector (AODV), to analyse MANETs under single and collaborative Black Hole attack, and to prevent the attack by diverting traffic from the Black Hole. The proposed method is based on sending confirmation packets that are verified by the destination to check for Black Hole presence in the proposed AODV routing protocol, and on encrypting the data before sending it to the destination.
The proposed AODV algorithm was then simulated in a static node environment, and it was observed that its data delivery ratio is significantly better than that of conventional AODV.

Keywords- Black Hole, AODV, MANETs, Security, Reliability, Routing

I. INTRODUCTION

A MANET is a self-configuring, distributed, dynamic network in which the nodes are mobile and communication is not via fixed access points. Since MANETs act as an open medium, any node in space can be a part of them. MANETs have huge applicability potential, as they can be anywhere, anytime [1]. Although the features of MANETs attract huge applicability, they also manifest vulnerability. This vulnerability to attacks imposes unreliability, a condition that cannot be tolerated, especially in emergency situations.

There are a variety of attacks that MANETs are exposed to. These attacks can be classified as active and passive attacks. In active attacks the adversary breaks into the system and is able to insert and capture transmissions, thus modifying or corrupting the data, whereas in passive attacks the adversary merely listens to the traffic and extracts information from the transmissions.

The increasing rate and extent of black hole attacks raise concerns for a defensive mechanism that is preventive as well as curative. Therefore this project is an attempt to defend against the "Black hole" attack, which compromises the reliability of the network by dropping all data packets routed towards the black hole. Black hole attack is one of the security threats in which the traffic is redirected to such a node that actually does not exist in the network. It is an analogy to the black hole in the universe, in which things disappear. The node presents itself to other nodes in such a way that it can attack other nodes and networks knowing that it has the shortest path. MANETs must have a secure way for transmission and communication, which is a quite challenging and vital issue.
Previously, the works done on security issues, i.e. attacks (Black Hole attack), in MANETs were based on different routing protocols. The Black Hole attack is studied under the AODV routing protocol, and its effects are elaborated by stating how this attack disrupts the performance of a MANET. Very little attention has been given to studying the impact of the Black Hole attack in MANETs using a reactive protocol like AODV and the proposed enhanced AODV, and to comparing the vulnerability of both these protocols against the attack.

II. MANETS- LITERATURE SURVEY

The Mobile Ad-Hoc Network has been a rapidly growing technology over the past 20 years. Its gain in popularity is due to ease of deployment, the lack of infrastructure and its dynamic nature. MANETs created a new set of demands to be implemented in order to provide efficient end-to-end communication. MANETs work on the TCP/IP structure to provide the means of communication between communicating work stations. Work stations are mobile and have limited resources, therefore the traditional TCP/IP model needs to be refurbished or modified to compensate for MANET mobility and provide efficient functionality. Therefore the key research area for researchers is routing in any network. Routing protocols in MANETs are a challenging and attractive task, and researchers are giving a tremendous amount of attention to this key area.

Classification of MANETs Routing Protocols:

Routing protocols in MANETs are classified into three different categories according to their functionality:
1. Reactive protocols
2. Proactive protocols
3. Hybrid protocols

The hierarchy of these protocols is shown below in Figure 1.

Fig. 1 MANET routing protocols

1) Reactive Protocols: Reactive protocols are also known as on-demand driven protocols. They are called reactive because they do not initiate route discovery by themselves; they do so only when a source node requests a route. These protocols set up routes when demanded [3, 4]. When a node wants to communicate with another node in the network and the source node does not have a route to that node, the reactive routing protocol establishes a route from the source to the destination node. Normally, reactive protocols:
- Do not find a route until it is demanded.
- Use a flooding technique to propagate the query when trying to find the destination "on demand".
- Do not consume bandwidth for sending information. They consume bandwidth only when the node starts transmitting data to the destination node.

2) Proactive Protocols: Proactive routing protocols work the other way around compared to reactive routing protocols. These protocols constantly maintain the updated topology of the network. Every node in the network knows about the other nodes in advance; in other words, the whole network is known to all the nodes making up that network. All the routing information is usually kept in tables [6]. Whenever there is a change in the network topology, these tables are updated according to the change. The nodes exchange topology information with each other, so they can have route information any time they need it [6].

3) Hybrid Protocols: Hybrid protocols exploit the strengths of both reactive and proactive protocols and combine them to get better results. The network is divided into zones, and different protocols are used in two different places, i.e. one protocol is used within a zone and the other protocol is used between zones. Zone Routing Protocol (ZRP) is an example of a hybrid routing protocol. ZRP uses a proactive mechanism for route establishment within a node's neighbourhood, and for communication amongst the neighbourhoods it takes advantage of reactive protocols. These local neighbourhoods are known as zones, and the protocol is named zone routing protocol for the same reason. Each zone can have a different size, and each node may be within multiple overlapping zones. The size of a zone is given by a radius of length P, where P is the number of hops to the perimeter of the zone [8].

III. AODV ROUTING PROTOCOL AND BLACK HOLE ATTACK

A. AODV:

AODV [2] stands for Ad-Hoc On-Demand Distance Vector routing algorithm. It is an algorithm that initiates route discovery only on demand, that is, a route is discovered whenever a route is needed for communication. It uses the following control packets in the process of route discovery:

1. RREQ: Route Request
A source node that needs to communicate with another node in the network transmits an RREQ message. AODV floods the RREQ message using the expanding ring technique. There is a time to live (TTL) value in every RREQ message; the TTL value states the number of hops over which the RREQ should be transmitted.

2. RREP: Route Reply
A node having the requested identity, or any intermediate node that has a route to the requested node, generates a route reply (RREP) message back to the originator node.

3. RERR: Route Error
Every node in the network keeps monitoring the link status to its neighbour nodes during active routes. When a node detects a link break in an active route, it generates a RERR message to notify other nodes that the link is down.

B. Black Hole Attack

Black Holes are malicious nodes that exploit the following features of AODV:
1) AODV does not perform authentication of a new node during its entry into a MANET.
2) It does not verify the route promised by any node.

The Black Hole node's motive is to divert all the data traffic in the network toward itself. In order to do so, Black Holes send RREPs to the source node with the least hop count or highest sequence numbers. Since Black Holes do not search their routing tables before generating a reply, they usually are the quickest.
Thus, the RREP packet received from the black hole is usually the first and appears to bear the latest network configuration, causing the source to route towards the Black Hole. The Black Hole node finally drops these data packets.

Black Hole attacks can be independent, that is, performed by a single node as shown in Fig. 2, or can be collaborative. In a collaborative attack, when multiple Black Hole nodes are acting in coordination with each other, B1 sends the RREP and specifies the route through B2, as shown in Fig. 3. When B2 is asked by the source to verify a route to the destination through it, it responds in conformity while in actuality it does not have the route. The packets are then routed by the source, just to be dropped by the node B1 or B2.

Fig. 2 Black Hole Attack. S (source) receives RREP from B (black hole) and starts sending data, which is dropped by B and never reaches D (destination).

Fig. 3: Collaborative Black Hole Attack. S (source) receives RREP from B1 (black hole) along with the next hop (B2) information and sends a confirmation packet to B2 (black hole), which replies in affirmation, and hence S begins sending data, which gets dropped by B2.

IV. RELATED WORK

A number of solutions to handle the black hole attack have been proposed.

1. Name: Routing security in wireless ad hoc networks
Proposed by: Deng et al.
Idea: Verifying the existence of a path from the next hop node (to the RREP-sending node).
Disadvantages: The method was suitable for single black hole detection only.

2. Name: Prevention of Cooperative Black Hole Attack in Wireless Ad Hoc Networks
Proposed by: Sanjay Ramaswamy, Huirong Fu, Manohar Sreekantaradhya, John Dixon, and Kendall Nygard
Idea: The 'THROUGH' and 'FROM' bits in the DRI table are used to detect collaborative Black Hole chains.
Disadvantages: Their approach uses redundant bit transmissions of 'THROUGH' bits.

3. Name: "Black hole Attack in Mobile Ad Hoc Networks"
Proposed by: Al-Shurman et al.
Idea: Utilized the network redundancies to find the safe route (that is, the one which is not black hole struck).
Disadvantages: Suffered from a huge time delay, unnecessary when the path is not black hole struck.

4. Name: Cooperative Black and Gray Hole Attacks in Mobile Ad Hoc Networks
Proposed by: Agrawal et al.
Idea: A backbone network was used to identify black hole chains.
Disadvantages: The backbone network was instructed by the source to do the black hole route discovery only when the destination was unable to receive the packets it transmitted, causing more delay.

5. Name: Two Tier Secure AODV against Black Hole Attack in MANETs
Proposed by: M. Umaparvathy
Idea: Two levels of security are provided. One level is during the route discovery process and the next is during the data transfer. Even if the detection of the Black hole attack fails in the route discovery process, it will be identified in the next level.
Disadvantages: High level of computation overhead.

6. Name: CAODV Free Blackhole Attack in Ad Hoc Networks
Proposed by: Watchara Saetang, Sakuna Charoenpanyasak
Idea: CAODV (Credit based AODV). A credit based mechanism is very efficient at detecting the Black hole attack in AODV because the Black hole attack can be detected before it occurs in the network.
Disadvantages: Their approach uses redundant bit transmissions of 'THROUGH' bits.

7. Name: An Efficient Algorithm for Detection of Black hole Attack in AODV based MANETs
Proposed by: Neelam Khemariya, Ajay Khuntetha
Idea: It detects the black hole nodes not only when the node is not idle but also when a node is idle. (Uses threshold and sequence numbers for detection of the Black hole attack.)
Disadvantages: Increased network overhead and communication overhead.

V. THE PROPOSED ALGORITHM: BD-AODV PROTOCOL

The AODV protocol has a provision for sending a gratuitous RREP packet to the destination node.
Whenever an intermediate node has a route towards the destination, in addition to sending the RREP to the source, it also unicasts a gratuitous RREP to the destination node. In our protocol the gratuitous RREP is conceptualized and simulated as the CONFIRM packet. Thus, a CONFIRM packet is unicast/routed by RREPN1 to the destination. Note that it can be sent only if RREPN1 has a route towards the destination. Only after receipt of the CONFIRM will the destination await packets from the source. The source unicasts a CHCKCNFRM to the destination through RREPN2. Upon receipt of the CHCKCNFRM, the destination replies by unicasting a REPLYCONFIRM with a key to the source, only if it received both a CONFIRM and a CHCKCNFRM. Since a black hole does not possess a route towards the destination, it fails to send the CONFIRM, and thus a reply to the CHCKCNFRM is never generated by the destination. This leads the source to conclude that the RREP-sending node was the black hole and to route the data through the RREPN2 node.

The proposed algorithm will hereafter be called the BD-AODV protocol, i.e. Black hole Detecting AODV. It gets its name because it detects the black hole and diverts the data transfer through another route where there is no black hole. The proposed BD-AODV method uses the same RREQ and RREP messages as classical AODV for the route discovery process, and apart from that it also uses three important mechanisms. The three modules are:
1. Destination Finding Process
2. CHECK CONFIRM and REPLY CONFIRM process
3. File sending Process

The flow charts of the above modules are shown below:

Fig 4. (a) Shows Destination finding process
Fig 4. (b) Shows CHECKCONFIRM and REPLYCONFIRM process
Fig 4. (c) Shows File Sending Process

Working of BD-AODV:

The Source node sends the RREQ message to all the nodes to find the shortest path to the Destination node.
The RREPN1 node, which is the end node connected to the Destination, sends the RREP message back to the Source and sends a CONFIRM message to the Destination for checking of the Source ID at the destination end. The Source node sends the CHECKCONFIRM message to the Destination through RREPN2, the end node which is connected to the Destination on the next shortest path. The Destination node replies to the Source by sending a REPLYCONFIRM message with the secret key, which is to be used for sending the encrypted data through the RREPN2 path. The network module maintains the black hole table, which lists all the black hole node IDs. The Source node encrypts the data using the DES algorithm and the secret key received, and checks for black hole presence in the route discovered. If there is no black hole present in the list for the selected path, it sends the encrypted data through the RREPN1 path. If a new black hole is detected during the data transfer, it selects the RREPN2 path for sending the encrypted data and updates the black hole table. In this way, the proposed method detects the black hole and also prevents packet dropping by diverting the route.

Algorithm for execution of BD-AODV

A) Terminologies Used:
1. S: Source Node
2. D: Destination Node
3. IN: Intermediate Node
4. RREPN1: The node that sends RREP to Source and CONFIRM to Destination
5. RREPN2: The node that sends CHECKCONFIRM to Destination and REPLYCONFIRM to Source
6. Packets used in classical AODV:
   a) RREQ- Route Request
   b) RREP- Route Reply
   c) RERR- Route Error
7. Packets apart from the ones used in AODV:
   a) CONFIRM: Sent by RREPN1 to Destination
   b) CHECKCONFIRM: Sent by Source to Destination on Reply of RREP through RREPN2
   c) REPLYCONFIRM: Sent by Destination to Source on Reply of CHECKCONFIRM through RREPN2
8. Tables used:
   a) Black hole Table: Stores node address of black hole nodes, name and ID
   b) Neighbour Table: Stores node name and corresponding neighbour names
   c) Node information table: Stores node name and its ID and position

B) Algorithm:
1. S sends RREQ
2. RREPN1 replies with RREP
   If RREPN1 not in Black hole table then
      RREPN1 sends CONFIRM packet to D via the route for D
3. S receives RREP
   If RREPN1 in Black hole table then
      Discard RREP;
   End
   Else if RREP from IN then
      Send CHECKCONFIRM packet to D via route advertised by RREPN1
   End
   Else if RREP from RREPN2 then
      Send CHECKCONFIRM packet to D via RREPN2
   End
   Else
      Route Data
   End
4. IN receives CONFIRM
   If IN is not a Black hole then
      Relay CONFIRM
   End
   Else
      Drop CONFIRM
   End
5. D receives CONFIRM and unicasts REPLYCONFIRM, with the key for encryption, to the Source via RREPN2
6. S receives REPLYCONFIRM and encrypts data with the key
   If RREPN1 in Black hole table and RREPN2 is not in Black hole table then
      Route encrypted data through RREPN2
   End
   Else if RREPN2 is in Black hole table
      Route encrypted data through RREPN1
   End
   Else
      Store RREP nodes in Black hole table;
      Retry RREQ
   End

VI. SIMULATION AND ANALYSIS

A Java simulator was created under the Windows environment. The simulator creates the network model, which consists of a number of nodes. The user is allowed to select the nodes and the data file to transfer from source to destination. A contrast analysis is carried out on the performance of BD-AODV and AODV. The most commonly used quantitative indicators are used to judge the performance of the routing protocol: Data Delivery Ratio, and Average End to End Delay versus number of black holes, in both protocols.

1. Average End to End Delay versus number of Black Holes (figure 5): When there is more than one black hole in the route, the end to end delay rises because of an overhead of 3 packets.

Fig 5. Average End to End Delay versus Number of Black Holes

2. Data Delivery Ratio (DDR) versus Inter-packet Delay (figure 6): Inter-packet delay is the time difference between 2 consecutive packets sent by the source from the application layer. Our protocol is able to detect Black Holes and thereafter successfully divert all the traffic from them, hence a DDR of 1. With AODV, however, all data is routed through the Black Hole and hence no data reaches the destination, giving a DDR of 0.

Fig 6. Data Delivery Ratio with Inter-packet Delay

VII. CONCLUSION AND FUTURE ENHANCEMENT

Reliable data delivery is one of the important issues in MANETs. The simulation results are analysed for the presence of a black hole in both classical AODV and the proposed BD-AODV. With the control packets called CONFIRM, CHCKCNFRM and REPLYCONFIRM, the presence of a Black Hole is detected and all the traffic is successfully diverted from it. The proposed protocol shows that a single run of the algorithm can detect the presence of single and collaborative Black Hole nodes. The proposed protocol can achieve maximum reliability by detecting the black hole and sending the encrypted data by diverting the route traffic.

As a part of future endeavour, the aim is to study the processing time of the Black Holes, to analyse their behaviour. We would also work on decreasing the number of packets transmitted per route in our algorithm, and we will study the behaviour of the Gray hole attack, which drops only some packets and not all packets as the Black hole attack does.

ACKNOWLEDGMENT

With great regards, gratitude and reverence to Associate Prof. Mrs. Bharathi M, and Prof. Dr. S N Chandrashekara, HOD, Dept. of CSE, SJCIT, for providing all the support and guidance. I owe great respect and gratitude to all my family members and God for the blessings and encouragement showered on me.

REFERENCES

[1] I. Chlamtac, M. Conti, J. Liu, "Mobile ad hoc networking: imperatives and challenges", Ad Hoc Networks, pp. 13-64, 2003.
[2] C. Perkins, E. Belding-Royer and S. Das, "Ad hoc On-Demand Distance Vector (AODV) Routing", Internet RFCs Volume: 1, Issue: 3561, Publisher: IETF, Pages: 138, 2000.
[3] Deng H., Li W. and Agrawal, D.P., "Routing security in wireless ad hoc networks", Communications Magazine, IEEE, vol. 40, no. 10, pp. 70-75, October 2002.
[4] Sanjay Ramaswamy, Huirong Fu, Manohar Sreekantaradhya, John Dixon, and Kendall Nygard, "Prevention of Cooperative Black Hole Attack in Wireless Ad Hoc Networks", Proceedings of 2003 International Conference on Wireless Networks (ICWN03), Las Vegas, Nevada, USA, pp. 570-575.
[5] Al-Shurman, M., Yoo, S. and Park, S., "Black hole Attack in Mobile Ad Hoc Networks", ACM Southeast Regional Conference, pp. 96-97, 2004.
[6] Piyush Agrawal, R. K. Ghosh and Sajal K. Das, "Cooperative Black and Gray Hole Attacks in Mobile Ad Hoc Networks", Proceedings of the 2nd International Conference on Ubiquitous Information Management and Communication, pp. 310-314, Suwon, Korea, 2008.
[7] M. Umaparvathi, Dharmishtan K. Varughese, "Two Tier Secure AODV against Black Hole Attack in MANETs", European Journal of Scientific Research, ISSN 1450-216X, Vol. 72, No. 3 (2012), pp. 369-382.
[8] Watchara Saetang, Sakuna Charoenpanyasak, "CAODV Free Blackhole Attack in Ad Hoc Networks", International Conference on Computer Networks and Communication Systems (CNCS 2012), IPCSIT vol. 35 (2012), IACSIT Press, Singapore.
[9] Neelam Khemariya, Ajay Khuntetha, "An Efficient Algorithm for Detection of Blackhole Attack in AODV based MANETs", International Journal of Computer Applications (0975-8887), Volume 66, No. 18, March 2013.
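
The confirmation exchange of Section V (CONFIRM, CHECKCONFIRM, REPLYCONFIRM and the black hole table), as an added Python example that is not part of the original paper or its Java simulator: it models the source's decision and compares the resulting data delivery ratio with classical AODV for the cases of Fig. 2 and Fig. 3. Node names, hop lists, function names and the 8-byte key length are assumptions made for illustration.

```python
# Added example: toy model of the BD-AODV confirmation exchange (Section V).
# Node names, hop lists and function names are constructed for illustration.
import secrets


def crosses(path, black_holes):
    """A packet survives a path only if no hop on it is a black hole."""
    return not any(hop in black_holes for hop in path)


def destination_reply(got_confirm, got_checkconfirm):
    """D unicasts REPLYCONFIRM (with a key) only if it saw both packets."""
    if got_confirm and got_checkconfirm:
        return secrets.token_bytes(8)  # assumed 8-byte key for the DES step
    return None


def bd_aodv_route(rrepn1_path, rrepn2_path, black_holes, bh_table):
    """Source-side decision; each path is a hop list from RREP sender to D.

    black_holes is ground truth, used only to simulate drops. bh_table is
    the source's black hole table and is updated in place.
    Returns (hop list chosen for data or None, key or None).
    """
    n1, n2 = rrepn1_path[0], rrepn2_path[0]
    if n1 in bh_table and n2 in bh_table:
        return None, None              # both RREP senders listed: retry RREQ
    if n1 in bh_table:
        return rrepn2_path, None       # RREP from a listed node is discarded
    if n2 in bh_table:
        return rrepn1_path, None       # step 6 of the algorithm
    # CONFIRM: unicast by RREPN1 to D along the route it advertised.
    got_confirm = crosses(rrepn1_path, black_holes)
    # CHECKCONFIRM: unicast by S to D through RREPN2.
    got_check = crosses(rrepn2_path, black_holes)
    key = destination_reply(got_confirm, got_check)
    if key is not None:
        return rrepn1_path, key        # D vouched for RREPN1's route
    bh_table.add(n1)                   # no REPLYCONFIRM: list RREPN1
    # Data is diverted through RREPN2. The paper does not say how a key is
    # obtained on this branch, so this model returns none.
    return rrepn2_path, None


def delivery_ratio(path, black_holes):
    """Data delivery ratio: a black hole on the path drops every packet."""
    return 1.0 if path and crosses(path, black_holes) else 0.0


def compare(rrepn1_path, rrepn2_path, black_holes):
    """DDR of classical AODV (trusts the first RREP) versus BD-AODV."""
    table = set()
    chosen, key = bd_aodv_route(rrepn1_path, rrepn2_path, black_holes, table)
    return {"aodv": delivery_ratio(rrepn1_path, black_holes),
            "bd_aodv": delivery_ratio(chosen, black_holes),
            "bh_table": table, "has_key": key is not None}


SAFE = ["N2", "N3", "D"]                                 # constructed route
SINGLE = compare(["B", "D"], SAFE, {"B"})                # Fig. 2 case
COLLAB = compare(["B1", "B2", "D"], SAFE, {"B1", "B2"})  # Fig. 3 case
CLEAN = compare(["N1", "D"], SAFE, set())                # no attacker

if __name__ == "__main__":
    for name, result in (("single", SINGLE), ("collab", COLLAB),
                         ("clean", CLEAN)):
        print(name, result)
```

In both attack cases the model gives a DDR of 0 for classical AODV and 1 for BD-AODV, the values Section VI reports; in the collaborative case only B1, the RREP sender, is added to the black hole table.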