04-10-2016, 12:01 PM
1457630889-AODVBlackhole.txt (Size: 6.42 KB / Downloads: 3)
Ad-hoc On Demand Distance Vector protocol is an reactive protocol. It is the enhanced algorithm of DSDV protocol. In AODV routes are established in an On Demand basis. Mutes are generated to for the entire available destination. Route discovery is launched only when there is a need for source node for transmitting the data packet and source doesn�t have the route information to the destination. The broken link and modification in the routing information that happens in the network is been responded by nodes functioning with AODV algorithm. Irresponsive and ideal routes are deleted from the table if it stays in the network for a long time. For ignoring routing loops formed and Count to Infinity Problem AODV makes use of Destination Sequence Number.
One of the important benefits of using Ad-hoc On-Demand Distance Vector protocol is presence of timer based states integrated in each node. Routing table updated in equal intervals of time, and entries are created, these entries have to be used for continuing routing, else the routing entry expires if it is unused. For each update of routing table collections of former nodes are recorded, that indicates the nodes of network forwarding the packets using the entries made in the routing table. As the next-hops link is broken the RERR packets are generated to notify the nodes. Every former node, further forwards the RERR to their own former nodes, which destroys all the links with the help of broken ones. The visualization of RERR packet flow is done conceptually as tree, roots are indicated by the node at the point of failure is a root and leaves are indicated by all sources failed link.
MANET has its own weakness which attracts a wide variety of attacks in its environment. For Example, One of the Salient features of MANET to be considered is routing, as each packet should pass quickly through the intermediate nodes present in the network, as these are traversed to the destination node from the source node. Malicious attacks can define pertaining to route discovery process, which does not follow the route maintenance method specified in the mechanism of routing protocols. DSR, AODV, DSDV routing protocols are the targets for such attacks and these. In a recent study more complicated and sophisticated intrusions are observed and to name some of those black hole attacks, Wormhole and byzantine attack are few attacks that is considered more sophisticated. Currently the security schemes MANETs routing protocol is said to be the trending one in the research fields.
Black Hole Attack in AODV
Black Hole node an intruder, having its own scheme for routing exposes itself by responding to the route request packet and claims it has effective shortest path which it can route packets to the destination node and further claims it has new paths without having the route information or route entry in its routing table. Thus it keeps responding to the packet which carries requests for routes and accepts the data packets and destroys it. Flood based attack in routing is different as the attacker node behaves as route and principle it follows to get into network keep varying, in this the malignant node responds to the node which sends the route requests packet quicker than the nodes which is actual and replies to the route request packet through this false path is created [1, 4]. These malignant nodes upon receiving the data packets either it may destroy the packet or it may forward the packet to undefined destination. Two types of black hole attack can be described in AODV in order to distinguish the kind of black hole attack.
1. Internal Black hole attack: In internal black hole attack, a malignant node gets placed in to network containing numerous intermediate routes between source and destination itself acting as one of the intermediate node. As this malignant nodes gets opportunity it claims to have to have shortest path to the destination and thus it starts its attack process. This sort of scenario is called as internal attack because of the malignant node behaving as intermediate node in the network and making a tougher task in getting detected as it�s a challenging to detect a malignant node in the internal network.
2. External Black hole attack: In External Black Hole attack, the malignant node operates by staying externally to the network and destroys the incoming traffic to the network. It floods the network with the unwanted data packets and increasing congestion in the network and interrupting the ongoing activity of the network. This external attack can behaves as internal node attack if the activities of the internal malicious node is been controlled by the external malignant node, it is capable to launch attack to different trusted node of the network.
� Malignant node launches attack by retrieving the ongoing route activity information and look for the address of destination node.
� Malignant Node respond to RREQ packets by sending RREP packets by inserting a duplicate destination address field of an unknow destination node. Decrementing value of hop counts and thereby increasing the sequence number
� Route Reply (RREP) packet is sent to a node which is actively involved in route establishment and it can establish a route with the source if there is path available to it.
� Inverse route is established to the source through the node which accepted route reply (RREP) packet from the malignant node.
� Routing table is updated by the source node soon after receiving the route reply packet which holds route information.
� The source node will now deal with the new route for sending data via the malignant node and this malignant node will now either destroy the packets by dropping it.
Scenario of black hole attack in AODV protocol can be explained by considering a Node �A� as an malicious node, Node �S� as source node and Node �D� as destination node., firstly an ongoing route activity between source Node �S� and destination node �D� is detected by the Node �A�. Route Reply (RREP) packet containing the duplicate address of destination node having low hop count value and high sequence number comparing to normal intermediate node �F�, this information is further forwarded to the sender by the node �F�. Sender node updates the routing information and forward the data packets and this data packets is received by numerous attacking nodes and the data packets are destroyed by these nodes, thereby completely disrupting the communication between the source node and destination node.