Security Threats of Black-Hole Attacks in Mobile Ad-Hoc Network using HTTP Traffic
Abstract – Mobile ad-hoc network (MANET) is an infrastructure less network. This network is a collection of randomly moving mobile nodes. As MANET does not have any centralized management, this network can form anywhere with the participation of randomly moving nodes. Because of such vulnerable behavior of MANET, this network has to face many security problems. There are so many security threats of MANET, which does not have any solution. Even detection of those problems is not easy. Some of the security threats are very severe. Those threats can even destroy the whole network. Researchers are working to find out the solution of those threats. Among those threats, we have worked with two security threats, which are Black-hole attack and Jellyfish attack. Here, we have found out the threats using HTTP traffic. We use OPNET modeler 14.5 as simulator AODV routing protocol. The aim of this paper is to find out the impact of security threats on MANET using HTTP traffic. We decide the impact using number of events and average number of events utilizing throughput of the OPNET modeler.
Keywords: Network; HTTP; Security; Threats; MANET
We are living in the era or technological advancement. In this advanced world Mobile Ad-hoc network (MANET) is one of greatest technology. It has made so many nonviable works easier for us. MANET is a self-determining collection of mobile nodes. MANET is a collection of mobile nodes, which can communicate with each other via radio waves. There are so many security issues in MANET. Such as packet dropping attack data traffic attack, Black-hole attack, Jellyfish attack, Control Traffic attack etc. Here we have focused one important security attack on MANET, that’s Black-hole attack. Both of these attacks are so threatening for the MANET and can cause a great security disaster in any confidential work, which is performing with the help of MANET.
Overview of Mobile ad-hoc networks
Mobile Ad Hoc networking (MANET) can be classified into first, second and third generations. The first generation of mobile ad-hoc network came up with “packet radio” networks (PRNET) in 1970s and it has evolved to be a robust, reliable, operational experimental network. The PRNET used a combination of ALOHA and channel access approaches CSMA for medium access, and a distance-vector routing to give packet-switched networking to mobile field elements in an infrastructure less, remote environment. The second generation evolved in early 1980’s when SURAN (Survivable Adaptive Radio Networks) significantly improved upon the radios, scalability of algorithms, and resilience to electronic attacks. During this period include GloMo (Global Mobile Information System) and NTDR (Near Term Digital Radio) were developed. The aim of Glom was to give office environment Ethernet-type multimedia connectivity anytime, anywhere, in handheld devices. Channel access approaches were in the CSMA/CA and TDMA molds, and several novel routing and topology control schemes were developed. The NTDR used clustering and link- state routing, and self-organized into a two-tier ad hoc network. Now used by the US Army, NTDR is the only “real” (non-prototypical) ad hoc network in use today. The third generation evolved in 1990’s also termed as commercial network with the advent of Notebooks computers, open source software and equipment’s based on RF and infrared. IEEE 802.11 subcommittee adopted the term “ad hoc networks.” The development of routing within the Mobile ad-hoc networking (MANET) working group and the larger community forked into reactive (routes on- demand) and proactive (routes ready-to-use) routing protocols 141. The 802.1 1 subcommittee standardized a medium access protocol that was based on collision avoidance and tolerated hidden terminals, making it usable, if not optimal, for building mobile ad hoc network prototypes out of notebooks and 802.11 PCMCIA cards. HIPERLAN and Bluetooth were some other standards that addressed and benefited ad hoc networking. With the increase of portable devices with wireless communication, ad-hoc networking plays an important role in many applications such as commercial, military and sensor networks, data networks etc., Mobile ad-hoc networks allow users to access and exchange information regardless of their geographic position or proximity to infrastructure. Since Mobile ad-hoc networking (MANET) has no static infrastructure, it offers an advantageous decentralized character to the network. Decentralization makes the networks more flexible and more robust.
- Security Issues in MANET
Mobile Ad Hoc Network (MANET) is infrastructure less network and each of its nodes is free to move everywhere. Any devices can join this network at any time. These features have brought so many security issues. It has increased probability of much security attack in MANET. There are so many security attacks in MANET. These attacks can classify into three types according to its nature.
- Active attack.
- Passive attack
- Hybrid attack
In our research, we have focused only Black-hole attack. Black-hole attack is an active attack.
- Black Hole Attack
Black hole attack is an attack that happens in Mobile ad hoc network (MANET) which disables that particular victim network. It is an active attack. In this attack, a malicious node enters in the network and advertises itself to other nodes, which exist on that network. It advertises itself as a shortest path to the destination node or to the packet; it wants to head off. The host node responds by advertising its availability of fresh routes without checking routing table. Then attacker node replies to the host nodes, intercept the data packet and retain it. In protocol, based routing reply of a malicious node will received before the reply of actual node. Later malicious route will be created. It will interrupt the data traffic and will dropped with data from the existing network. As in MANET each node stands with keeping hand in hand relying each other, so dropping of one node will cause of dropping other nodes, which lead to destruction of the whole network eventually. Black hole attack can be two types. In single Black hole attack, one malicious node enters in the network. It advertises itself as a shortest path to the destination node. Other neighboring nodes thinks that it is the shortest path for sending data. If the malicious node reply reaches to those nodes before the authenticate nodes reply, then a forged route creates there. All other nodes in the network send all their data traffic to that malicious black hole node and it retains all the data and drops with them. A single black hole attack can easily happen in MANET. In case of collaborative black hole attack, many malicious nodes enter in the network. They advertise as being the shortest path to the destination for attracting other nodes. If those nodes believe them and receives, their reply before the actual nodes reply then forged route creates in MANET. Collaborative attack is efficient than Single black hole attack as there are many malicious nodes to work together for the destruction of the MANET.
Ad-Hoc On-Demand Distance Vector routing (AODV) is routing protocol, which creates routing between two nodes in the network based on route discovery. This routing protocol uses a classical distance vector routing algorithm. It is a reactive routing protocol. This routing protocol transmits information based on the demand of nodes. When any node wants to transmit data to other nodes, this routing protocol will generate route request message. AODV provide loop free route to the network when repairing link breakage. One of the best features of AODV is it provides broadcast, unicast and multicast communication. It also faster routing protocol as it finds out entire unidentified network and for newer end, which does not exist on the navigation of that particular network.
FLOORPLAN & PROPOSED SYSTEM
- Setup of OPNET Modeler
First, we set our attributes for the simulation scenarios for our paper. Some of the parameters were fixed and we changed some for simulating it on different criteria. We considered mobile nodes for the simulation. The mobility of the nodes is fixed. Protocol fixed as AODV throughout the network scenario. Attributes were set to match the simulation scenario for different areas and nodes varying the areas for area wise simulation and varying the number of nodes for node wise simulation. Performance metric was set to HTTP protocol.
Fig. 1. Proposed Model Diagram
- Calculating and Comparing Results
Firstly, we calculated the results for affected scenario for different areas. Then we compared the results for different nodes and observed the relation between varying area and nodes and to come up with equations to generate optimized network solution. From that we can come to know Black-hole attack is affecting which parameters of our network.
- Generated Model
From the analysis of different area vs. different nodes, we can select a security attack preventive scenario. It will be an avoidance procedure not a solution to the security attack. From the analysis, we can select how much area is suitable for a given number of node or how many nodes are suitable for different area size. From the analysis of black hole attacks, we can point out which parameters of our scenarios are being affected. The results can be used to form customize algorithm in replace to conventional routing algorithms like AODV, OLSR, TORA etc.
We have already discussed how black-hole attack occurs in a network scenario. Black-hole attack blends into the network and causes dropout of packets. In the proposed model we have measured what effects does these one security forge attacks have on a given network scenario by measuring the output of different parameters of the network. Then we compared the results with default (scenarios with no attack) scenarios and observed the outcome. For our proposed model, OPNET Modeler 14.5 is used. All the experiments done in a personal computer (PC) with the configuration Intel(R) Core i7-5550 CPU @ 2.4 GHz, 8GB RAM, running windows 10. In this paper, we have analyzed the effects of the security attacks on different areas against different number of nodes per simulation. Firstly, we measured the throughputs of the scenarios throughout the entire attack simulation. Secondly, we calculated the change in number of events after the simulation per scenario. Lastly, we compared the results generated for different areas with results found for different nodes
Environmental Setup for different areas of simulation
For measuring the after effects of black-hole attack on different areas, we ran the simulation for 500m×500m, 1000m×1000m, 1500m×1500m, 2000m×2000m, 2500m×2500m
Fig. 2. Network scenario for different areas of simulation
Figure 2 represents the scenario selected for this simulation. Here, we kept the number of nodes fixed to 100 and ran the paper for different simulation areas. Simulation runtime was set to 15 minutes, model family was selected MANET, protocol was fixed to AODV, traffic was set to HTTP, mobility of the nodes was set to default random waypoint, node movement speed was 10 meter per second. After that 5 malicious nodes were injected to the scenarios to compare the results against default scenarios with no malicious nodes.
For different nodes, we created 5 different scenarios consisting of 35 nodes, 75 nodes, 100 nodes, 130 nodes and 150 nodes
Fig. 3. Network scenario for different node wise simulation
Figure 3 represents the network parameters and attributes selected for the simulations. For each simulation, the numbers of nodes were changed. Simulation area was fixed to 1500m×1500m.Simulation time was 15 minutes, simulation protocol was set AODV, traffic was selected HTTP, node mobility was default random waypoint and node mobility. Speed was set to 10 meter per second. The numbers of malicious nodes in the scenarios selected accordingly to compare the results against different areas of simulation.
- Impact of Black-hole attack on number of events for different areas and nodes Figure 4 shows the impact of black-hole attack on total number of events for different areas. Here we can observe that the total number of events occurred for the affected scenarios are much less compared to the default scenarios.
Fig. 4. Impact of Black-hole Attack on Number of Events for Different Areas
Fig. 5. Impact of Black-hole Attack on Number of Events for Different Nodes
Similarly, figure 5 represents the impact on number of events for different scenarios with different number of nodes. However, in this case the data shows that the number of total occurred events for attack scenario is not as reduced as the case before. Therefore, from that we can explain, for black-hole attack, rate of change in area has greater impact than rate of change in number of nodes. If we represent it with equation, we can obtain,
∀x ∈ B (Σ E (a) > Σ E (n))
B =Black-hole attack
x = Network scenario
E= Reduction in number of occurred events
a = Rate of change in area
n= Rate of change in number of nodes
Conclusion and Future Works
Due to the inherent design disadvantages of routing protocol in MANETs, many researchers have conducted diverse techniques to propose different types of prevention mechanisms for black hole problem. In this paper, we first summary the pros and cons with popular routing protocol in wireless mobile ad hoc networks. Then, the state-of-the-art routing methods of existing solutions are categorized and discussed. The proposals are presented in a chronological order and divided into single black hole and collaborative black hole attack.
According to this work, we observe that both of proactive routing and reactive routing have specialized skills. The proactive detection method has the better packet delivery ratio and correct detection probability, but suffered from the higher routing overhead due to the periodically broadcast packets. The reactive detection method eliminates the routing overhead problem from the event-driven way, but suffered from some packet loss in the beginning of routing procedure. Therefore, we recommend that a hybrid detection method which combined the advantages of proactive routing with reactive routing is the tendency to future research direction. However, we also discover that the attacker’s misbehavior action is the key factor. The attackers are able to avoid the detection mechanism, no matter what kinds of routing detection used. Accordingly, some key encryption methods or hash-based methods are exploited to solve this problem. The black hole problem is still an active research area. This paper will benefit more researchers to realize the current status rapidly.
 S.Hans, J Kumar, “A Review of Jellyfish Attack in
MANET”. International Journal of Engineering,
Applied and Management Sciences Paradigms, Vol. 24,
Issue.01, pp.191-195,May 2015. N.Shukla, S.Gupta, A.Virmani, “Mobile Ad-Hoc
Network (MANET): Security Issues Regarding
Attacks”, International Journal of Computer
Applications (0975 – 8887), National Conference on
Recent Trends in Engineering and Management
“NCRTEM- 2013” C. R. Davis “Security protocols for mobile ad hoc
networks”. McGill University Montreal, Quebec, Paper
submission, pp.1-134, August 2006 Aarti, S.S.Tyagi, “Study of MANET: Characteristics,
Challenges, Application and Security Attacks”.
Department of computer science & Engineering, MRIU,
Faridabad, India, VOL.3 Issue.5, pp.252-257, May
2013. I. Aad and J.P. Hubaux, E.W. Knightly, “Impact of
Denial of Service Attacks on Ad Hoc
Networks”,IEEE/ACM Transactions on
Netwroking,Vol.16,pp.791- 802,Aug.2008. S. Begum, “Techniques for resilience of Denial of
service Attacks in Mobile Ad Hoc
Networks”.International Journal of Scientific &
Engineering Research,Vol.3, Issue.3, pp.1-6, March
Application (AINA 2010), pp.775-780, April,2010.
MD Imran Sorker
Student of Computer Science & Engineering Department
A P G Shimla University,HP,India.